Setting Up Armbian STB with Cloudflare Tunnel: Transform Your Old TV Box into a Home Server
Are you looking to repurpose your old Android TV box into a powerful home server?
This comprehensive guide will walk you through setting up Armbian on your STB (Set-Top Box) and configuring Cloudflare Tunnel to securely expose your services to the internet without opening firewall ports or dealing with dynamic DNS.
What You’ll Learn
By the end of this guide, you’ll have:
- A fully functional Armbian-based home server running on your old TV box
- Cloudflare Tunnel configured for secure external access
- A foundation for hosting various services like web applications, APIs, and automation tools
Prerequisites
Before diving in, ensure you have:
- Old Android TV Box: Any ARM-based STB that supports Armbian installation
- Armbian OS: Already flashed and running on your device
- Cloudflare Account: Free account with your domain configured
- Domain Name: Registered domain added to Cloudflare with nameservers configured
- SSH Access: Command-line access to your Armbian device
- Basic Linux Knowledge: Comfort with terminal commands and text editors
Why Choose This Setup?
This configuration offers several advantages:
- 🔒 Security: No need to expose ports directly to the internet
- ⚙️ Reliability: Cloudflare’s global network ensures high availability
- 💰 Cost-Effective: Repurpose existing hardware instead of buying new servers
- 📘 Learning Opportunity: Great way to learn about self-hosting and networking
Step 1: Prepare Your Armbian Environment
Update Your System
# Connect via SSH
ssh your-username@your-stb-ip
# Update package lists and system
sudo apt update && sudo apt upgrade -y
# Install essential tools
sudo apt install -y curl wget nano htopCheck System Architecture
# Check architecture
dpkg --print-architecture
# Common outputs:
# arm64 - for newer 64-bit ARM devices
# armhf - for older 32-bit ARM devicesConfigure Network Settings
# Check current IP
ip addr show
# Note your current IP (e.g., 192.168.0.100)
# Set static IP via router DHCP reservation for consistencyStep 2: Install and Configure Cloudflare Tunnel
Download Cloudflared
For ARM64 devices:
curl -L --output cloudflared.deb https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-arm64.debFor ARMHF devices:
curl -L --output cloudflared.deb https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-arm.debInstall Cloudflared
sudo dpkg -i cloudflared.deb
# Verify installation
cloudflared --versionAuthenticate with Cloudflare
cloudflared tunnel loginFollow the URL in the terminal:
- Open in your browser
- Log in to your Cloudflare account
- Select your domain
- Click Authorize and Begin Tunneling
Step 3: Create and Configure Your Tunnel
Create a Named Tunnel
cloudflared tunnel create home-server-tunnel📌 Note: Save the Tunnel ID and credentials file path shown in the output.
Create Configuration Directory
sudo mkdir -p /etc/cloudflaredConfigure Tunnel Routing
sudo nano /etc/cloudflared/config.ymltunnel: <YOUR_TUNNEL_ID>
credentials-file: /root/.cloudflared/<YOUR_TUNNEL_ID>.json
ingress:
- hostname: status.yourdomain.com
service: http://localhost:8080
- service: http_status:404Step 4: Set Up DNS Routing
cloudflared tunnel route dns home-server-tunnel status.yourdomain.comThis creates a CNAME record in your Cloudflare DNS automatically.
Step 5: Install and Start the Tunnel Service
# Install systemd service
sudo cloudflared service install
# Enable on boot
sudo systemctl enable cloudflared
# Start the service
sudo systemctl start cloudflaredVerify Service
sudo systemctl status cloudflared
sudo journalctl -u cloudflared.service -fStep 6: Test Your Setup
Create a Simple Test Service
# Install Python
sudo apt install -y python3
# Create test directory
mkdir ~/test-server
cd ~/test-server
# Create HTML file
cat << EOF > index.html
<!DOCTYPE html>
<html>
<head>
<title>Armbian Home Server</title>
</head>
<body>
<h1>Welcome to Your Armbian Home Server!</h1>
<p>Cloudflare Tunnel is working correctly.</p>
<p>Server IP: $(hostname -I | awk '{print $1}')</p>
<p>Timestamp: $(date)</p>
</body>
</html>
EOF
# Start HTTP server
python3 -m http.server 8080Update Tunnel Config
sudo nano /etc/cloudflared/config.ymlUpdate the ingress section if needed, then restart:
sudo systemctl restart cloudflaredTest in Browser
Visit:
https://status.yourdomain.com
✅ You should see your test page live.
Troubleshooting Common Issues
🔴 Service Cannot Connect
# Check local service
curl http://localhost:8080
# Check UFW firewall
sudo ufw status
sudo ufw allow 8080/tcp🔴 Cloudflared Service Issues
sudo journalctl -u cloudflared.service --no-pager -n 50Fixes:
- Ensure
/etc/cloudflared/config.ymlexists - Check permissions and correct paths
- Restart service:
sudo systemctl restart cloudflared
🔴 DNS Propagation Issues
nslookup status.yourdomain.comTips:
- Wait a few minutes
- Clear browser cache
- Test from another network
Security Considerations
SSH Hardening
sudo nano /etc/ssh/sshd_configRecommended changes:
Port 2222
PermitRootLogin no
PasswordAuthentication nosudo systemctl restart sshFirewall Setup
sudo ufw enable
sudo ufw allow 22/tcp
sudo ufw allow 8080/tcp
sudo ufw statusRegular Maintenance
Create Update Script
cat << EOF > ~/update-system.sh
#!/bin/bash
sudo apt update
sudo apt upgrade -y
sudo apt autoremove -y
sudo systemctl restart cloudflared
EOF
chmod +x ~/update-system.shAutomate Weekly via Cron
(crontab -l 2>/dev/null; echo "0 2 * * 0 /home/$(whoami)/update-system.sh") | crontab -Next Steps
Now that your server is online:
- 🌐 Host a Portfolio Website
- ⚙️ Run Automation Tools like n8n, Home Assistant
- 🎬 Install Media Servers like Jellyfin or Plex
- 💻 Set Up Dev Environments: Git, CI/CD
- 📊 Monitor using Grafana, Prometheus
Performance Optimization Tips
Resource Monitoring
sudo apt install -y htop iotop nethogs
htop # CPU/memory
iotop # Disk I/O
nethogs # Network usageStorage Management
df -h
sudo apt autoremove -y
sudo apt autocleanLog Rotation
sudo nano /etc/logrotate.d/cloudflared/var/log/cloudflared.log {
daily
rotate 7
compress
missingok
notifempty
}Conclusion
🎉 Congratulations! You’ve successfully transformed your old TV box into a powerful home server.
- 🔒 Secure remote access via Cloudflare
- ⚡ Professional-grade uptime with no port forwarding
- 💵 Cost-effective and scalable solution
Regularly update and secure your setup, and you’re all set to expand your self-hosted ecosystem!