diff --git a/data/common/common.yaml b/data/common/common.yaml --- a/data/common/common.yaml +++ b/data/common/common.yaml @@ -1040,6 +1040,10 @@ type: CNAME record: inventory.internal.admin.swh.network data: bojimans.internal.admin.swh.network. + sentry-admin/CNAME: + type: CNAME + record: sentry.internal.admin.swh.network + data: riverside.internal.admin.swh.network. glyptotek/A: # OPNSense firewall, not managed by puppet record: "%{alias('opnsense::hosts.glyptotek.fqdn')}" data: "%{alias('opnsense::hosts.glyptotek.ip')}" diff --git a/data/deployments/admin/common.yaml b/data/deployments/admin/common.yaml --- a/data/deployments/admin/common.yaml +++ b/data/deployments/admin/common.yaml @@ -3,6 +3,7 @@ swh::deploy::reverse_proxy::services: - hedgedoc - grafana + - sentry swh::postgresql::version: '14' swh::postgresql::listen_addresses: @@ -32,6 +33,15 @@ swh::deploy::grafana::reverse_proxy::websocket_support: true swh::deploy::grafana::base_url: "%{lookup('grafana::vhost::name')}" +sentry::vhost::name: sentry.softwareheritage.org +swh::deploy::sentry::vhost::letsencrypt_cert: "%{lookup('sentry::vhost::name')}" +swh::deploy::sentry::reverse_proxy::backend_http_host: sentry.internal.admin.swh.network +swh::deploy::sentry::reverse_proxy::backend_http_port: "3000" +swh::deploy::sentry::base_url: "%{lookup('sentry::vhost::name')}" +swh::deploy::sentry::vhost::letsencrypt_cert: sentry +# swh::deploy::sentry::extra_apache_opts: +# proxy_preserve_host: true + hitch::frontend: "[*]:443" hitch::proxy_support: true varnish::http_port: 80 diff --git a/data/hostname/bojimans.internal.admin.swh.network.yaml b/data/hostname/bojimans.internal.admin.swh.network.yaml --- a/data/hostname/bojimans.internal.admin.swh.network.yaml +++ b/data/hostname/bojimans.internal.admin.swh.network.yaml @@ -1,4 +1,4 @@ ---- +--- apache::rewrite_domains: # Must have matching certificates in letsencrypt::certificates inventory.internal.softwareheritage.org: 
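Review bot: In data/deployments/admin/common.yaml (hunk `-32,6 +33,15`) the key `swh::deploy::sentry::vhost::letsencrypt_cert` is set twice, first to `"%{lookup('sentry::vhost::name')}"` and a few lines later to `sentry`. YAML loaders typically keep the last duplicate without warning, so the effective certificate name would be `sentry` and the first line is dead. Keep only the one that matches the certificate actually declared in `letsencrypt::certificates`, which is not visible in this diff. Separately, `backend_http_host`/`backend_http_port: "3000"` suggest the proxy talks plain HTTP to the Sentry backend; if that is accepted inside the admin VLAN, a one-line comment such as `# backend is plain HTTP, admin VLAN only` would record the decision.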
diff --git a/data/hostname/pergamon.softwareheritage.org.yaml b/data/hostname/pergamon.softwareheritage.org.yaml --- a/data/hostname/pergamon.softwareheritage.org.yaml +++ b/data/hostname/pergamon.softwareheritage.org.yaml @@ -72,3 +72,11 @@ gid: 3000 boatbucket: gid: 1024 + +# Temporarily for the duration of the riverside migration to the admin vlan Drop this +# when the migration is finished. +apache::rewrite_domains: + # Must have matching certificates in letsencrypt::certificates + sentry.softwareheritage.org: + rewrites: + - "^.*$ https://riverside.internal.admin.swh.network" diff --git a/data/subnets/vagrant.yaml b/data/subnets/vagrant.yaml --- a/data/subnets/vagrant.yaml +++ b/data/subnets/vagrant.yaml @@ -87,6 +87,10 @@ host: dali.internal.admin.swh.network aliases: - db1.internal.admin.swh.network + 10.168.50.70: + host: riverside.internal.admin.swh.network + aliases: + - sentry.softwareheritage.org 10.168.50.60: host: bojimans.internal.admin.swh.network aliases: diff --git a/manifests/site.pp b/manifests/site.pp --- a/manifests/site.pp +++ b/manifests/site.pp @@ -118,7 +118,7 @@ include role::swh_ci_server } -node 'riverside.internal.softwareheritage.org' { +node 'riverside.internal.admin.swh.network' { include role::swh_sentry } diff --git a/site-modules/profile/manifests/swh/deploy/reverse_proxy.pp b/site-modules/profile/manifests/swh/deploy/reverse_proxy.pp --- a/site-modules/profile/manifests/swh/deploy/reverse_proxy.pp +++ b/site-modules/profile/manifests/swh/deploy/reverse_proxy.pp @@ -1,4 +1,4 @@ -# Reverse proxy to expose staging services +# Reverse proxy to expose staging/admin services # https://forge.softwareheritage.org/T2747 class profile::swh::deploy::reverse_proxy { include ::profile::hitch diff --git a/site-modules/role/manifests/swh_sysadmin.pp b/site-modules/role/manifests/swh_sysadmin.pp --- a/site-modules/role/manifests/swh_sysadmin.pp +++ b/site-modules/role/manifests/swh_sysadmin.pp 
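Review bot: The `rewrites` entry added to data/hostname/pergamon.softwareheritage.org.yaml redirects every request for the public name sentry.softwareheritage.org to `https://riverside.internal.admin.swh.network`, an internal hostname. Clients outside the admin network, including any SDK that reports events to the public name, presumably cannot resolve or reach that target, and the internal name is disclosed to them in the redirect. The pattern `^.*$` captures nothing and the target carries no path, so unless profile::apache::rewrite_domains (not shown here) appends the request URI, deep links and API paths are dropped. If the redirect is meant only for staff on the internal network, the comment above it should say so and name what must be removed with it, e.g. `# Only usable from the admin network; remove together with the profile::apache::rewrite_domains include in role::swh_sysadmin.`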
@@ -22,8 +22,6 @@ include profile::debian_repository include profile::bitbucket_archive_web - include profile::sentry::reverse_proxy - include profile::weekly_report_bot include profile::weekly_planning_bot include profile::monthly_report_bot @@ -31,4 +29,5 @@ include profile::opnsense::monitoring include profile::status_io_metrics + include profile::apache::rewrite_domains }