I run my relay on my firewall machine.

I have a headless debian server box set up to be firewall/router between the WAN and LAN NICs. It's also DHCP/DNS/NTP server for the LAN.

Since the machine have plenty of CPU and memory to spare I also run a Tor relay against the WAN NIC.

I guess putting too many eggs in one basket is a risk but it has worked well for many years now. So if you trust the Tor software enough to have it run on such a sensitive machine, go for it I say.