Refused to load spa-manifest.json

Steps to reproduce

Load the funkwhale starting page in a browser and look at the browser console log.

What happens?

The browser fails to load spa-manifest.json because, even though Funkwhale is configured to use https, it tries to get the json file via http.

The related log output (domain is replaced with example.com) is:

library:1  Refused to load manifest from 'http://funkwhale.example.com/api/v1/instance/spa-manifest.json' because it violates the following Content Security Policy directive: "default-src 'self'". Note that 'manifest-src' was not explicitly set, so 'default-src' is used as a fallback.

Mixed Content: The page at 'https://funkwhale.example.com/serviceWorker.js' was loaded over HTTPS, but requested an insecure resource 'http://funkwhale.example.com/api/v1/instance/spa-manifest.json'. This request has been blocked; the content must be served over HTTPS.
serviceWorker.js:1  Uncaught (in promise) TypeError: Failed to fetch
    at ce.fetch (serviceWorker.js:1:3904)
    at p._handleInstall (serviceWorker.js:1:8431)
    at p._handle (serviceWorker.js:1:7902)
    at async p._getResponse (serviceWorker.js:1:6959)
fetch @ serviceWorker.js:1
_handleInstall @ serviceWorker.js:1
_handle @ serviceWorker.js:1

What is expected?

Funkwhale loads spa-manifest.json

Context

Funkwhale version(s) affected: 1.3.0

MS Edge Version 114.0.1823.37 (Official build) (64-bit) Instance run on Docker.