nix/bin/gpg-private-key

#!/bin/bash
# Export GPG private key (BE CAREFUL - keep this safe!)
# Usage: gpg-private-key [-c] [key-id or email]
#   -c    Copy to clipboard instead of printing

set -e

COPY=false
KEY_ID=""

# Parse arguments
while [[ $# -gt 0 ]]; do
    case "$1" in
    -c | --copy)
        COPY=true
        shift
        ;;
    *)
        KEY_ID="$1"
        shift
        ;;
    esac
done

# If no key specified, use first secret key
if [[ -z $KEY_ID ]]; then
    KEY_ID=$(gpg --list-secret-keys --keyid-format LONG 2>/dev/null | grep '^sec' | head -1 | sed 's/.*\/\([A-F0-9]*\) .*/\1/')
fi

if [[ -z $KEY_ID ]]; then
    echo "Error: No GPG key found"
    exit 1
fi

echo "WARNING: You are exporting your PRIVATE key!" >&2
echo "Keep this safe and never share it publicly!" >&2
echo "" >&2

if $COPY; then
    if [[ "$(uname)" == "Darwin" ]]; then
        gpg --armor --export-secret-keys "$KEY_ID" | pbcopy
        echo "Private key copied to clipboard"
    elif command -v xclip &>/dev/null; then
        gpg --armor --export-secret-keys "$KEY_ID" | xclip -selection clipboard
        echo "Private key copied to clipboard"
    elif command -v wl-copy &>/dev/null; then
        gpg --armor --export-secret-keys "$KEY_ID" | wl-copy
        echo "Private key copied to clipboard"
    else
        echo "Error: No clipboard tool found (pbcopy, xclip, or wl-copy)"
        exit 1
    fi
    echo "Remember to clear your clipboard after use!" >&2
else
    gpg --armor --export-secret-keys "$KEY_ID"
fi