diff --git a/data/common/common.yaml b/data/common/common.yaml
--- a/data/common/common.yaml
+++ b/data/common/common.yaml
@@ -837,6 +837,7 @@
   argocd:
     domains:
       - argocd.softwareheritage.org
+      - argocd.internal.admin.swh.network
       - argocd-rp.internal.admin.swh.network
   hedgedoc:
     domains:
@@ -1099,6 +1100,13 @@
     type: CNAME
     record: inventory.internal.admin.swh.network
     data: bojimans.internal.admin.swh.network.
+  k8s-argocd/A: # main ingress ip of the argocd cluster
+    record: k8s-argocd.internal.admin.swh.network
+    data: 192.168.50.42
+  argocd/CNAME:
+    type: CNAME
+    record: argocd.internal.admin.swh.network
+    data: k8s-argocd.internal.admin.swh.network
   glyptotek/A: # OPNSense firewall, not managed by puppet
     record: "%{alias('opnsense::hosts.glyptotek.fqdn')}"
     data: "%{alias('opnsense::hosts.glyptotek.ip')}"
diff --git a/data/deployments/admin/common.yaml b/data/deployments/admin/common.yaml
--- a/data/deployments/admin/common.yaml
+++ b/data/deployments/admin/common.yaml
@@ -45,7 +45,7 @@
 swh::deploy::sentry::icinga_check_uri: '/auth/login/swh/'
 
 swh::deploy::argocd::vhost::letsencrypt_cert: argocd
-swh::deploy::argocd::reverse_proxy::backend_http_host: argo-worker01.internal.admin.swh.network
+swh::deploy::argocd::reverse_proxy::backend_http_host: k8s-argocd.internal.admin.swh.network
 swh::deploy::argocd::reverse_proxy::backend_http_port: "80"
 swh::deploy::argocd::vhost::ssl_protocol: "%{hiera('apache::ssl_protocol')}"
 swh::deploy::argocd::vhost::ssl_honorcipherorder: "%{hiera('apache::ssl_honorcipherorder')}"