Luks is a thing. No reason it can’t be done on the server though things like patching won’t be automated.

Kill switch is well, not as easy. But possible.

That said. The government would just lampoon you in the media as some child porn hoster or whatever they want and taint the jury pool. And probably charge you with obstruction and a host of other things if you didn’t decrypt the server.

There is case law where refusing a description password isn’t covered by the 4th or 5th amendment so they could just Guantanamo your ass as pressure.

https://arstechnica.com/tech-policy/2017/03/man-jailed-indefinitely-for-refusing-to-decrypt-hard-drives-loses-appeal/

https://arstechnica.com/tech-policy/2020/08/nj-supreme-court-no-5th-amendment-right-not-to-unlock-your-phone/

https://www.zdnet.com/article/florida-court-says-password-disclosure-not-protected-by-fifth-amendment/

https://www.eff.org/press/releases/appeals-court-upholds-constitutional-right-against-forced-decryption

https://www.postschell.com/insights/third-circuit-imprisonment-refusing-order-decrypt-device-cannot-exceed

TL:DR - there’s no established case law that protects you from withholding the encryption key from government and there’s conflicting rulings in the current US districts. In some places you can be held indefinitely. Unsure what occurs if you can’t remember the key though.