You will still need a backup in case you corrupt the file system, since a RAID will not protect you from that (nor from a power surge).

An encrypted file system will not protect you from anyone while it’s mounted, so the security problem remains.
I wouldn’t even bother with an encrypted filesystem if the system is stationary, unless there’s a risk of it getting stolen.

If you say that the system acts as an aggregation of passwords with which it collects data for visualization,
you still have the problem that you need to notice that the machine is compromised. And you will have to be able to access all the sites attached to this machine before their passwords are changed.

I’d try to modularize the system, so the compromise of one module doesn’t bring down the whole system.

And your system should warn you of a breach and allow you to recover completely within 30min from a remote location.

Maybee FreeBSD Jails could help with compartmentalization.

I really hate anonymous comments and was off to delete this, but your point was valid. Come back and actually post with your name and what not and I’ll replace the comment.

That said, I definitely understand where you’re coming from, and I’m working a lot on redundancy. I’m going to build a RAID within the machine to backup data and run the machine into a UPS (which also allows the machine to tell me whether or not I’ve lost power before shutting down gracefully.)

Like Michael said, I’m encrypting the filesystems as well to make sure that data can’t be ripped off of the drive; meanwhile, the machine won’t hold much valuable data on its own (the valuable data will be behind most of the bank services systems, APIs to things like Backpack, etc.,) so at best all someone has by stealing this machine are passwords which I can change on every site within a matter of seconds. The data actually cached on Sarai is minimal at best.