LOL, actually I don't know if that's possible. The encryption key has to be accessible for the server to continue doing en/decryption, like for all the database reads/writes. I'm not aware of a way to protect an encryption key from an adversary who has physical control of the device. You can trigger a dead man's switch for emergency shut down and scramble the RAM in the process, hopefully before the adversary can extract the key, but the only 100% safe defense against a physical adversary is to have the device off when they arrive.