diff --git a/data/common/common.yaml b/data/common/common.yaml
--- a/data/common/common.yaml
+++ b/data/common/common.yaml
@@ -3340,19 +3340,22 @@
 thanos::query::non_puppet_managed::stores:
   - mmca-thanos.softwareheritage.org:443
 
-thanos::gateway::services:
+thanos::stores:
   historical:
     azure-storage-container: metrics-historical-data-0
-    port-http: 19193
-    port-grpc: 19093
+    store:
+      port-http: 19193
+      port-grpc: 19093
   mmca:
     azure-storage-container: metrics-mmca-0
-    port-http: 19194
-    port-grpc: 19094
+    store:
+      port-http: 19194
+      port-grpc: 19094
   archive-staging:  # rancher cluster
     azure-storage-container: metrics-sesi-rocquencourt-rancher-staging-0
-    port-http: 19195
-    port-grpc: 19095
+    store:
+      port-http: 19195
+      port-grpc: 19095
 
 grafana::db::database: grafana
 grafana::db::username: grafana
diff --git a/site-modules/profile/manifests/thanos/base.pp b/site-modules/profile/manifests/thanos/base.pp
--- a/site-modules/profile/manifests/thanos/base.pp
+++ b/site-modules/profile/manifests/thanos/base.pp
@@ -49,5 +49,7 @@
     owner   => $user,
     group   => 'prometheus',
     mode    => '0750',
+    purge   => true,
+    recurse => true,
   }
 }
diff --git a/site-modules/profile/manifests/thanos/gateway.pp b/site-modules/profile/manifests/thanos/store.pp
rename from site-modules/profile/manifests/thanos/gateway.pp
rename to site-modules/profile/manifests/thanos/store.pp
--- a/site-modules/profile/manifests/thanos/gateway.pp
+++ b/site-modules/profile/manifests/thanos/store.pp
@@ -1,5 +1,5 @@
-# Thanos gateway services (historical metrics access)
-class profile::thanos::gateway {
+# Thanos store services (historical metrics access)
+class profile::thanos::store {
   include profile::thanos::base
   include profile::thanos::tls_certificate
 
@@ -7,13 +7,13 @@
 
   $internal_ip = ip_for_network(lookup('internal_network'))
 
-  $services = lookup('thanos::gateway::services')
+  $stores = lookup('thanos::stores')
 
   $azure_account = lookup('thanos::objstore::azure_account')
   $azure_account_key = lookup('thanos::objstore::azure_account_key')
 
   $config_dir = $::profile::thanos::base::config_dir
-  $services.each | $dataset_name, $service | {
+  $stores.each | $dataset_name, $service | {
     $objstore_config = {
       "type"   => "AZURE",
       "config" => {
@@ -33,47 +33,60 @@
       require => File[$::profile::thanos::base::config_dir],
     }
 
-    $port_http = $service['port-http']
+    $port_http = $service['store']['port-http']
     $http_address = "${internal_ip}:${port_http}"
-    $port_grpc = $service['port-grpc']
+    $http_target  = "${swh_hostname['internal_fqdn']}:${port_http}"
+
+    $port_grpc = $service['store']['port-grpc']
     $grpc_address = "${internal_ip}:${port_grpc}"
     $grpc_target  = "${swh_hostname['internal_fqdn']}:${port_grpc}"
 
-    $service_name = "thanos-gateway@${dataset_name}"
+    $service_name = "thanos-store@${dataset_name}"
     $unit_name = "${service_name}.service"
 
     ::systemd::dropin_file {"${service_name}/parameters.conf":
       ensure   => present,
       unit     => $unit_name,
       filename => 'parameters.conf',
-      content  => template('profile/thanos/gateway-parameters.conf.erb'),
+      content  => template('profile/thanos/store-parameters.conf.erb'),
       notify   => Service[$service_name],
     }
 
-    service {$service_name:
+    # Cleanup old thanos-gateway service instances
+    service {"thanos-gateway@${dataset_name}":
+      ensure => stopped,
+      enable => false,
+    }
+    -> service {$service_name:
       ensure  => 'running',
       enable  => true,
       require => [
         File[$cert_paths['fullchain']],
         File[$cert_paths['privkey']],
       ],
-      tag     => 'thanos-gateway',
+      tag     => 'thanos-store',
+    }
+
+    # And clean up drop-in files for old service instances
+    -> file {"/etc/systemd/system/thanos-gateway@${dataset_name}.service.d":
+      ensure  => absent,
+      recurse => true,
+      force   => true,
     }
 
     # Ensure service is restarted when the certs are renewed
     File[$cert_paths['fullchain']] ~> Service[$service_name]
     File[$cert_paths['privkey']]   ~> Service[$service_name]
 
-    # gateway service grpc address pushed to query service configuration file to access
+    # store service grpc address pushed to query service configuration file to access
     # historical data
-    ::profile::thanos::export_query_endpoint {"thanos-gateway-${grpc_target}":
+    ::profile::thanos::export_query_endpoint {"thanos-store-${grpc_target}":
       grpc_address => $grpc_target
     }
 
-    $http_target  = "${swh_hostname['internal_fqdn']}:${port_http}"
-    ::profile::prometheus::export_scrape_config {"thanos-gateway-${http_target}":
+    ::profile::prometheus::export_scrape_config {"thanos-store-${http_target}":
       target => $http_target,
-      job    => 'thanos_gateway',
+      job    => 'thanos_store',
       labels => {
         dataset_name => $dataset_name,
       },
@@ -81,9 +94,16 @@
   }
 
   # Uses: $config_dir, $cert_paths
-  systemd::unit_file {'thanos-gateway@.service':
+  systemd::unit_file {'thanos-store@.service':
     ensure  => present,
-    content => template('profile/thanos/gateway@.service.erb'),
+    content => template('profile/thanos/store@.service.erb'),
     require => Class['profile::thanos::base'],
-  } ~> Service <| tag == 'thanos-gateway' |>
+  } ~> Service <| tag == 'thanos-store' |>
+
+
+  # Cleanup old thanos-gateway service file
+  Service <| tag == 'thanos-store' |>
+  -> systemd::unit_file {'thanos-gateway@.service':
+    ensure => absent,
+  }
 }
diff --git a/site-modules/profile/templates/thanos/gateway-parameters.conf.erb b/site-modules/profile/templates/thanos/store-parameters.conf.erb
rename from site-modules/profile/templates/thanos/gateway-parameters.conf.erb
rename to site-modules/profile/templates/thanos/store-parameters.conf.erb
--- a/site-modules/profile/templates/thanos/gateway-parameters.conf.erb
+++ b/site-modules/profile/templates/thanos/store-parameters.conf.erb
@@ -1,5 +1,4 @@
-# Managed by puppet - modifications will be overwritten
-# In defined class profile::thanos::gateway
+# Managed by puppet (class profile::thanos::store) - modifications will be overwritten
 
 [Service]
 Environment=HTTP_ADDRESS=<%= @http_address %>
diff --git a/site-modules/profile/templates/thanos/gateway@.service.erb b/site-modules/profile/templates/thanos/store@.service.erb
rename from site-modules/profile/templates/thanos/gateway@.service.erb
rename to site-modules/profile/templates/thanos/store@.service.erb
--- a/site-modules/profile/templates/thanos/gateway@.service.erb
+++ b/site-modules/profile/templates/thanos/store@.service.erb
@@ -1,8 +1,8 @@
-# File managed by puppet (class profile::thanos::gateway)
+# File managed by puppet (class profile::thanos::store)
 # Manual changes will be overwritten
 
 [Unit]
-Description=Thanos gateway instance %i
+Description=Thanos store instance %i
 
 [Service]
 Environment=HTTP_ADDRESS=
@@ -19,7 +19,7 @@
 ExecReload=/bin/kill -HUP $MAINPID
 TimeoutStopSec=20s
 SendSIGKILL=no
-CacheDirectory=thanos/gateway-%i
+CacheDirectory=thanos/store-%i
 
 # systemd hardening-options
 AmbientCapabilities=
diff --git a/site-modules/role/manifests/swh_thanos.pp b/site-modules/role/manifests/swh_thanos.pp
--- a/site-modules/role/manifests/swh_thanos.pp
+++ b/site-modules/role/manifests/swh_thanos.pp
@@ -1,5 +1,5 @@
 # Thanos role
 class role::swh_thanos inherits role::swh_base {
   include profile::thanos::query
-  include profile::thanos::gateway
+  include profile::thanos::store
 }