Should ports be visible to nmap?
No, you cannot hide a open port in any sensible way. The port accepting connections is what nmap tests, and is also the definition of an open port.
It may or may not be a security risk, and it may or may not be desirable. This depends on your needs and applications. If you don't run a webserver, there's no reason to leave it open. If you don't intend for postgresql to be reachable externally, there's no reason to allow it, and so forth.
You should allow only the traffic you need, and block other traffic. Which traffic this is you have to define yourself.