[kelnos]

It's as safe as whatever software stack you'd be using on the Raspberry Pi to serve the site, same as if you'd be hosting it on a VPS in someone's cloud (though in your case if there's a vulnerability of a particular kind, someone could gain access to your local network).

Since you're not hosting the site on the router itself, presumably you're forwarding port 80 from the router to the Raspberry Pi, so unless the security of the Pi ends up being broken, the router should be safe.

(Also I'd recommend using Let's Encrypt to get an automatically-renewing TLS cert so you can serve https on port 443 as well, and even redirect port 80 to it. It's not that difficult to set up, and you'll be improving the privacy and security of those who visit your site.)