External Backup Script using Rsync

All unofficial utilities are provided for your convenience. The scripts are provided as-is and may not be updated or maintained by Ultra.cc. Clients are welcome to use and customize unofficial scripts for their unique needs and requirements. Unofficial support may be offered via Discord only and at the sole discretion of Ultra.cc staff.
Use at your own risk.

This script will create an archived backup in .tar.gz format and transfer the backup with Rsync.

Create Public and Private Keys

First you will need to create a SSH key to be later imported to the destination host.

On your Ultra service, type in ssh-keygen and press ENTER. This should start generating public and private key pairs.

By default it generates a 2048-bit RSA key pair which is sufficient in most cases

$ ssh-keygen
Generating public/private rsa key pair.

We also recommend to generate the following keys which are more secure than the default.

To generate an RSA 4096 key: ssh-keygen -b 4096

Much more secure than 2048 but is slower when connecting.

To generate a ed25519 key: ssh-keygen -t ed25519

New algorithm, has a smaller key size and faster generation with security comparable to RSA ~3000

Here, you can press ENTER to save the key pair into the ~/.ssh subdirectory in your home directory.

$ ssh-keygen -b 4096
Generating public/private rsa key pair.
Enter file in which to save the key (/your_home/.ssh/id_rsa):

Here you optionally may enter a secure passphrase. You can press ENTER to skip putting in a passphrase.

It is highly encouraged to set a passphrase, as it adds an additional layer of security to prevent unauthorized users from logging in if they have gained access to your private keys.

$ ssh-keygen -b 4096
Generating public/private rsa key pair.
Enter file in which to save the key (/your_home/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:

Then you should see the following output. You now have a public key id_rsa.pub and a private key id_rsa stored in your Home folder (or on the path you set) that you can use to authenticate when logging into SSH.

$ ssh-keygen -b 4096
Generating public/private rsa key pair.
Enter file in which to save the key (/your_home/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /your_home/.ssh/id_rsa.
Your public key has been saved in /your_home/.ssh/id_rsa.pub.
The key fingerprint is:
SHA256:x23Tr+Ee5TlowA+U9HEquagnog3O09EYHQ346WY usbdocs@usbdocs
The key's randomart image is:
+---[RSA 4096]----+
|=.=. . o+..      |
|.B  o  .oo.      |
|o.o  oo  o       |
|.+ . oo ...      |
| .. .  +S+ .     |
|.      =o==      |
|.o.   o.=o.      |
|o... oE.+o       |
| .. .++..o.      |
+----[SHA256]-----+

Copy Key to Destination Host

To copy your newly created SSH key, execute ssh-copy-id username@destinationip.

Make sure to replace the username and IP with your specific details of the remote server you are accessing.

$ ssh-copy-id ultradocs@85.145.22.545

The following output appears. This is normal. This means that your computer does not recognize your key. This will happen the first time you connect to a new host. Type yes and press ENTER to continue.

$ ssh-copy-id destinationusername@85.145.22.545
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/usbdocs/.ssh/id_rsa.pub"
The authenticity of host '85.145.22.545 (85.145.22.545)' can't be established.
ECDSA key fingerprint is SHA256:9mQKWg1PVPZtxcDASEDdasawrqw.
Are you sure you want to continue connecting (yes/no)?

Type in the SSH password for the destination host.

$ ssh-copy-id destinationusername@85.145.22.545
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/usbdocs/.ssh/id_rsa.pub"
The authenticity of host '85.145.22.545 (85.145.22.545)' can't be established.
ECDSA key fingerprint is SHA256:9mQKWg1PVPZtzZ6d5nDjcWUb/Flkuq5VHYRrvwTeRTE.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
username@example.usbx.me's password:

Once you entered your password, OpenSSH will connect to the slot. It will then copy the contents of your ~/.ssh/id_rsa.pub key into a file in your slot's home directory at ~/.ssh called authorized_keys. Then you should see the following output. At this point, your id_rsa.pub key has been uploaded to the slot.

Number of key(s) added: 1

Now try logging into the machine, with: "ssh '85.145.22.545'" and check to make sure that only the key(s) you wanted were added.

Once everything is done, you can login to your destination from your slot with just ssh destinationusername@85.145.22.545 which will go straight to your shell securely. If you set a password for your keys, enter your password.

Backup Script

Initial Setup

Create three new folders, one may already exist this is fine

mkdir ~/lock
mkdir ~/scripts
mkdir ~/rclone-backup

Then you need to enter the new folder called scripts

cd ~/scripts

And create the script file.

nano rclone-backup.sh

Paste the following lines into the editor:

#!/bin/bash
exec {lock_fd}>/home/username/lock/BackupLock || exit 1
flock -n "$lock_fd" || { echo "ERROR: flock() failed." >&2; exit 1; }
if [ -z "$STY" ]; then exec screen -dm -S rclone-backup /bin/bash "$0"; fi

DATE=$(date +%Y-%m-%d-%H%M%S)
tar --exclude="$HOME"/.config/plex --exclude="$HOME/.config/jellyfin" -czvf "$HOME"/rclone-backup/MyUltraBackup-$DATE.tar.gz "$HOME"/.apps "$HOME"/.config

rclone copy -v --bwlimit=5M /home/username/rclone-backup/ remotename:/MyUltraBackup

flock -u "$lock_fd"

Make sure to replace username to your Ultra username.
Make sure to replace remotename to match your Rclone remote name.

You can execute rclone listremotes to see your configured Rclone remotes.

Save the script and exit the nano editor by pressing Ctrl+X then Y then ENTER.

Test Script

First, navigate to the ~/scripts folder.

cd ~/scripts

Next, we need to make the script executable.

chmod +x rclone-backup.sh

The script is now ready to be executed, which can be done with the following command.

./rclone-backup.sh

If the script is running and you were to rerun it, you may see an error message ERROR: flock() failed. This is a file lock to stop multiple script executions running simultaneously. If you are sure the script is not in fact running, you can delete the lock file from the ~/lock directory.

Check Progress

You can also check the progress of the backup script, which is running in a screen session.

Attach to the screen session with the following command.

screen -rd rclone-backup

To detach from the screen session and leave the script running in the background, press ctrl+a and then press d.

Automate Script

Once you have concluded the script to be running successfully, you can schedule it to be automatically executed via crontab.

Open crontab with the following command:

crontab -e

Inside the crontab add the following line at the bottom of the crontab file.

Make sure to replace ultra with your Ultra username.
The script will run at midnight every 3 days, but can be reconfigured to your liking. See crontab.guru for more information.

0 0 */3 * * /home/ultra/scripts/rclone-backup.sh

Save and exit crontab by pressing Ctrl+X then Y and ENTER.

If you require further assistance, you can open a support ticket here!

Feedback and suggestions regarding this article are welcome on our Discord server

External Backup Script using Rsync
Create Public and Private Keys
Copy Key to Destination Host
Backup Script
Initial Setup
Test Script
Check Progress
Automate Script