Is there something like "things to do when deploying a PostgreSQL cluster in production"?

The title is self-explanatory and it is referred to changing configurations, (dis)enabling schemes/roles/accounts, etc.; that is, making the cluster more "secure".