I would highly recommend not putting your home network at risk and poking holes into it. If you just self host a public site on your home network you should consider using cloudflare tunnel.
whats the risk with a static site genuine question? All I can think of is a CVE in html or nginx that seems pretty rare to me. If you're extra paranoid you can isolate the pi on your network.
imo it's not setting up the site once that's the problem, it's keeping it maintained indefinitely without making mistakes, because hostile automated systems will keep on rattling the doorknob like Jurassic Park velociraptors. (And I agree, for sophisticated users keeping it off your home network goes a long way towards preventing worst-case outcomes.)
3 comments