There are some default good practice when installing/configure a server and I think is good to follow them and improve where is possible.

I tend to use [ apt ] instead of  [ apt-get ] as they are almost the same: apt is designed for end-users (human) and its output may be changed between versions > Means the output is more reach and pleasant.

All the commands should be run with sudo so it is better to elevate your user from beginning  to root privileges  

  1. Updates: Start with getting the server updated:
  2. Add normal user (will not have sudo permissions)
  3. SSH: harden a bit the SSH service:
  4. UFW: First of all, make sure you have the minimum security in place ( later will follow fail2ban and possible CSF & LFD)

Next will go all the needed services

  1. Nginx: I strongly believe you have to have the last stable version that fits your needs and as the ubuntu repository takes years to update itself I tend to add official repositories to speed up the things a little (if you consider to have PageSpeed then Nginx will have to be build from source).

    You can add Nginx official repository by following their instructions page or these instructions:

    Now, the last step is just to install Nginx 

  2.  PHP: the entire environment is for Magento 2 which at the moment is not working properly with PHP 7.1 because of mcrypt deprecation. But we still can update the APT to the last PHP official repo (Ondrej Surey):

    And here goes the command that will install the PHP7.0 (pay attention, this is not the default version):

  3. MySQL 5.7: the installation is quite simple just make sure to save the root password 🙂
  4. Redis: is very good as a cache DB or even session manager, is fast and reliable but the problem is that in Ubuntu is all the time old
  5. Postfix: as Magento will  need to send emails we need an SMTP server and the most comfortable and reliable is Postfix
  6. Elasticsearch:
    Installing from the APT repository

    You may need to install the apt-transport-https package on Debian(Ubuntu) before proceeding:

    Save the repository definition to /etc/apt/sources.list.d/elastic-5.x.list:

    Next step, just install elasticsearch

    Running Elasticsearch with systemd (Ubuntu 16.04)

    When systemd logging is enabled, the logging information are available using the journalctl commands:

    To tail the journal:

    To list journal entries for the elasticsearch service:

    To list journal entries for the elasticsearch service starting from a given time:

  7. NPM: Install the Node.js package manager (npm)

This would be the first part, in the second we will look into tools more common to magento 2.