I'm relatively new to Linux disk encryption theory and practice, and am researching it, but would like to hear from experienced users as well.

Disk encryption on a remote server?

The setup I'm considering involves encrypting a partition which will hold a Postgres database, on a Xen-powered openSUSE VPS.

What am I trying to accomplish? Prevent curious datacenter techies from seeing the data, if they mount the Xen image. Also, who knows where the discs that fail in RAIDs end up...

I don't know, and so I'm asking, if something like that is worth the trouble, in your experience?

Please note I am concerned here only with protecting from physical access. The data will be available to clients through a webapp, and that's an entirely different security story involving strong passwords, SSL, webappsec, etc...

Also note that the sensitivity of data is relative. If I can help it, I'd like to prevent any leakage. If the leakage happens, well, the data is really in the class of Business Secrets, no CC data that would, if leaked, harm a number of people.

I'm just wondering if I should bother at all. One big drawback I see here is that I'd have to manually mount the partition and start the database after each reboot... Not good if the server restarts while I'm not within 5 minutes of logging back in...