I had a similar idea of doing this as well, there were several projects I was working on and getting a copy of a blockchain up and running quickly was a pain.
I'd actually recommend dedicated systems rather than 1 dedicated system. That might be more expense than you were willing to try it for. You might want to consider offshore dedicated hosting which is inexpensive, but you'll have to pass that cost onto your customer if they are willing to pay for it. If you run too many daemons on your box, your disk I/O will slow down to a crawl, the blockchains are horrible at I/O efficiency. Consider using a storage system that uses data dedupe as well as SSD caching, like a NetApp. An alternative would just be to use all SSD storage.
1 - Customers will have to trust you at certain points, you ultimately own the hardware. Turning over the root pw is about a good as you can get for them. Anything less and people will squawk because you've still got ownership.
2 - Tell your customer to turn on logging, you personally want no responsibility whatsoever, the minute you take on responsibility for something, you own it. Put the onus on the client, if they want logging, then help them do it, otherwise forget it. If someone reports something to you in terms of abuse, then cut your customer off. Just get a really good terms of service built for yourself. Log everything else, switches, firewalls, ups's etc to a syslog server.
3 - If you get a report of abuse, suspend their access and cut them off if necessary. Same as if they fail to pay you at some point.
4 - No, but you should be ready for shenanigans and ddos.
5 - You should have a top notch firewall and put yourself behind some DDOS protection. Get your systems scanned by qualys and adopt a security standard, like PCI compliance. Setup monitoring, alerting, and out of band access for yourself too.
Thanks Cloverme, Really thorough answer, exactly what I was looking for. Due to working with firewalls on a daily basis for work I actually have a cluster I can use and 2 x Dedicated servers, Maybe I will have to purchase some form of NAS.iSCSI for the IO work, I have DDoS protection and OOB Access (pushkablue).
Good idea about the logging, You are right, It should not be my job to "look after" others peoples bitcoins, in case they set weak password etc, They need to have a level of responsibility themselves. As with any wallet/service you have. I'm sure blockchain.info are able to access my "online wallet" for instance, they do own the hardware.
Thanks again, You have given me a lot to think about.