OnionRewrite fails after upgrade

In a fresh instance, the new ruleset from #40456 (closed) is successfully installed and it works. However, when upgrading from a previous version somethings goes wrong, and while the #40456 (closed) "works" (the old ruleset is deleted and the new one is added), the ruleset is apparently not applied. The symptom is that https-everywhere does not redirect the request from *.securedrop.tor.onion -> *.onion and Tor Browser simply sends the *.securedrop.tor.onion hostname to tor. As a result, tor responds with a BAD_HOSTNAME because securedrop.tor.onion is a bad hostname.