diff --git a/data/defaults.yaml b/data/defaults.yaml
--- a/data/defaults.yaml
+++ b/data/defaults.yaml
@@ -2648,6 +2648,11 @@
   esnode3.internal.softwareheritage.org:
     id: 13
 
+# Real exported files from munin
+stats_export::export_path: "/var/www/html/export"
+stats_export::export_file: "%{hiera('stats_export::export_path')}/history_counters.json"
+
+# Exposed through the following host's apache venv
 stats_export::vhost::name: stats.export.softwareheritage.org
 stats_export::vhost::docroot: "/var/www/%{hiera('stats_export::vhost::name')}"
 stats_export::vhost::ssl_protocol: "%{hiera('apache::ssl_protocol')}"
diff --git a/site-modules/profile/manifests/munin/master.pp b/site-modules/profile/manifests/munin/master.pp
--- a/site-modules/profile/manifests/munin/master.pp
+++ b/site-modules/profile/manifests/munin/master.pp
@@ -8,6 +8,15 @@
     extra_config => ["cgiurl_graph http://$master_hostname"],
   }
 
+  $export_path = lookup('stats_export::export_path')
+
+  file {$export_path:
+    ensure  => directory,
+    owner   => 'root',
+    group   => 'root',
+    mode    => '0755',
+  } ~> Apache::Vhost[$master_hostname]
+
   include ::profile::apache::common
   include ::apache::mod::rewrite
   include ::apache::mod::fcgid
@@ -21,6 +30,7 @@
         rewrite_rule => [
           '^/favicon.ico /etc/munin/static/favicon.ico [L]',
           '^/static/(.*) /etc/munin/static/$1          [L]',
+          "^/export/(.*) ${export_path}/$1       [L]",
         ],
       },
       {
@@ -44,7 +54,11 @@
     directories => [
       { 'path'       => '/usr/lib/munin/cgi',
         'options'    => '+ExecCGI',
-        'sethandler' => 'fcgid-script' },
+        'sethandler' => 'fcgid-script'
+      },
+      { 'path'       => "${export_path}",
+        'options'    => '+Indexes',  # allow listing
+      }
     ],
   }
 
diff --git a/site-modules/profile/manifests/munin/stats_export.pp b/site-modules/profile/manifests/munin/stats_export.pp
--- a/site-modules/profile/manifests/munin/stats_export.pp
+++ b/site-modules/profile/manifests/munin/stats_export.pp
@@ -1,13 +1,7 @@
 # stats_export master class
 class profile::munin::stats_export {
-  $vhost_name = lookup('stats_export::vhost::name')
-  $vhost_docroot = lookup('stats_export::vhost::docroot')
-  $vhost_ssl_protocol = lookup('stats_export::vhost::ssl_protocol')
-  $vhost_ssl_honorcipherorder = lookup('stats_export::vhost::ssl_honorcipherorder')
-  $vhost_ssl_cipher = lookup('stats_export::vhost::ssl_cipher')
-  $vhost_hsts_header = lookup('stats_export::vhost::hsts_header')
-
-  $export_file = "${vhost_docroot}/history_counters.json"
+  $export_path = lookup('stats_export::export_path')
+  $export_file = lookup('stats_export::export_file')
 
   $packages = ['python3-click']
 
@@ -35,50 +29,6 @@
     weekday  => '*',
     require  => [
       File['/usr/local/bin/export-rrd'],
-      File[$vhost_docroot],
-    ],
-  }
-
-  file {$vhost_docroot:
-    ensure  => directory,
-    owner   => 'www-data',
-    group   => 'www-data',
-    mode    => '0755',
-  }
-
-  include ::profile::apache::common
-  include ::profile::ssl
-
-  ::apache::vhost {"${vhost_name}_non-ssl":
-    servername      => $vhost_name,
-    port            => '80',
-    docroot         => $vhost_docroot,
-    redirect_status => 'permanent',
-    redirect_dest   => "https://${vhost_name}/",
-  }
-
-  $ssl_cert_name = 'stats_export_softwareheritage_org'
-  $ssl_cert = $::profile::ssl::certificate_paths[$ssl_cert_name]
-  $ssl_chain   = $::profile::ssl::chain_paths[$ssl_cert_name]
-  $ssl_key  = $::profile::ssl::private_key_paths[$ssl_cert_name]
-
-  ::apache::vhost {"${vhost_name}_ssl":
-    servername           => $vhost_name,
-    port                 => '443',
-    ssl                  => true,
-    ssl_protocol         => $vhost_ssl_protocol,
-    ssl_honorcipherorder => $vhost_ssl_honorcipherorder,
-    ssl_cipher           => $vhost_ssl_cipher,
-    ssl_cert             => $ssl_cert,
-    ssl_chain            => $ssl_chain,
-    ssl_key              => $ssl_key,
-    headers              => [$vhost_hsts_header],
-    docroot              => $vhost_docroot,
-    require              => [
-        File[$ssl_cert],
-        File[$ssl_chain],
-        File[$ssl_key],
     ],
   }
-
 }
diff --git a/site-modules/profile/manifests/munin/stats_export.pp b/site-modules/profile/manifests/stats_web.pp
copy from site-modules/profile/manifests/munin/stats_export.pp
copy to site-modules/profile/manifests/stats_web.pp
--- a/site-modules/profile/manifests/munin/stats_export.pp
+++ b/site-modules/profile/manifests/stats_web.pp
@@ -1,5 +1,5 @@
-# stats_export master class
-class profile::munin::stats_export {
+# Deployment of web-facing stats export (from munin)
+class profile::stats_web {
   $vhost_name = lookup('stats_export::vhost::name')
   $vhost_docroot = lookup('stats_export::vhost::docroot')
   $vhost_ssl_protocol = lookup('stats_export::vhost::ssl_protocol')
@@ -7,38 +7,6 @@
   $vhost_ssl_cipher = lookup('stats_export::vhost::ssl_cipher')
   $vhost_hsts_header = lookup('stats_export::vhost::hsts_header')
 
-  $export_file = "${vhost_docroot}/history_counters.json"
-
-  $packages = ['python3-click']
-
-  package {$packages:
-    ensure => present,
-  }
-
-  file {'/usr/local/bin/export-rrd':
-    ensure  => present,
-    owner   => 'root',
-    group   => 'root',
-    mode    => '0755',
-    source  => 'puppet:///modules/profile/munin/stats_export/export-rrd',
-    require => Package[$packages],
-  }
-
-  cron {'stats_export':
-    ensure   => present,
-    user     => 'www-data',
-    command  => "/usr/local/bin/export-rrd > ${export_file}.tmp && /bin/mv ${export_file}.tmp ${export_file}",
-    hour     => fqdn_rand(24, 'stats_export_hour'),
-    minute   => fqdn_rand(60, 'stats_export_minute'),
-    month    => '*',
-    monthday => '*',
-    weekday  => '*',
-    require  => [
-      File['/usr/local/bin/export-rrd'],
-      File[$vhost_docroot],
-    ],
-  }
-
   file {$vhost_docroot:
     ensure  => directory,
     owner   => 'www-data',
@@ -57,7 +25,7 @@
     redirect_dest   => "https://${vhost_name}/",
   }
 
-  $ssl_cert_name = 'stats_export_softwareheritage_org'
+  $ssl_cert_name = 'star_softwareheritage_org'
   $ssl_cert = $::profile::ssl::certificate_paths[$ssl_cert_name]
   $ssl_chain   = $::profile::ssl::chain_paths[$ssl_cert_name]
   $ssl_key  = $::profile::ssl::private_key_paths[$ssl_cert_name]
@@ -74,11 +42,16 @@
     ssl_key              => $ssl_key,
     headers              => [$vhost_hsts_header],
     docroot              => $vhost_docroot,
+    proxy_pass           => {
+      path => '/',
+      url  => 'http://munin.internal.softwareheritage.org/export/'
+    },
     require              => [
         File[$ssl_cert],
         File[$ssl_chain],
         File[$ssl_key],
-    ],
+     ],
   }
 
+
 }
diff --git a/site-modules/role/manifests/swh_sysadmin.pp b/site-modules/role/manifests/swh_sysadmin.pp
--- a/site-modules/role/manifests/swh_sysadmin.pp
+++ b/site-modules/role/manifests/swh_sysadmin.pp
@@ -17,6 +17,7 @@
   include profile::munin::plugins::postgresql
 
   include profile::annex_web
+  include profile::stats_web
   include profile::docs_web
   include profile::debian_repository