Oh boy. First off, unless you're a high profile activist, a high profile government agent, or a high profile hacker, your threat model isn't really targeted to you specifically. For a regular person, you usually just want to try to keep some amount of privacy on the internet and not be the lowest hanging fruit for bots and scripts.
Any of the big name Linux distros will all be fine, Ubuntu, Debian, fedora, Linux mint, etc, etc. With exception of arch, its fine, but make sure you're in a position to update regularly, and possibly deal with some breakage and fixing after an update with arch. (don't use it for server)
Anyway, these are the things I do, if you'd like to take inspiration:
I use LUKS for full disk encryption on my laptop. Not because of paranoia about the government, but because its nice to know if you're in a cafe working and someone steals your laptop while you get up to go to the restroom or something, your data is safe from prying eyes.
I use an opnsense firewall for my network, for flexibility and control over my devices and connections.
I use an openWRT WiFi router,again for flexibility and control over my WiFi connections.
I use a Firefox based browser, (firefox, fennec, ice raven, etc) its hardened enough I'm sure there's some crazy hardened version of chrome or whatever, but for the safety of the web, I like supporting a browser that's not chrome, there's really only 3 big players and one of them is Google, they alllmost have a monopoly on the web. All the other browsers are using Chrome's rendering engine except Firefox and I think safari.
Use Ublock Origin firefox or chrome extension for ad blocking
For a phone, I'd probably use a pixel device that supports grapheneOS, but right now i'm just using LineageOS, again in use Firefox for android with ublock origin extension.
For passwords, I use keepassxc, and sync it across my devices with syncthing
Oh, and don't use google for your search engine.