It's amazingly easy to setup SSL for Central using Let's Encrypt. But sometimes a user wants to deploy in an offline or disconnected environment. Related:
For Portable OpenStreetMap (POSM), we just go without SSL. The hardware is intended to be turned on when needed (not left unattended and running), so we operate under the assumption that the network wifi password is enough. And usually, the device is being used to collet open map data and so the data risks involved are low.
The Carter Center and @tomsmyth have done something cool with NEMO/ELMO using a small linux computer and a router running OpenWRT. They use a pre-purchased SSL certificate (a wildcard if setting up multiple field servers).
It would be great to have some options/guidance around setting up Central on a disconnected network or portable hardware. In addition to SSL issues, there would need to be user management that doesn't depend on email?
That's right, and so it's related to Central password reset without email. And now I see that post also has more details about your use of HTTP and alternatives you considered.
Sounds great for data capture in remote locations - thinking turtle tagging in remote Western Australia where accessing our ODK Central is too laggy (Azure/Sydney), or external programs without data sharing agreements (industry partners are notoriously paranoid).
I have been working on this exact problem as a volunteer for Red Cross, ably supervised by @danbjoseph . I have made some progress that might be of some interest to you. The jist of it is: I have adapted a wifi attachment point docker container (at https://gitlab.com/ptimlick/docker-ap). On my laptop, I have gotten to a odk login from an android phone connected through this attachment point. If you are knowlegeable in docker configuration and motivated, you might be able to use it to make something. The documentation is sparse, consisting of the start of the README.md file. One thing you could try fairly quickly (if you run linux and python3) is download the attachable-device script and see if it thinks your computer wifi interface supports host attachment point. I'm interested in hearing your results. Thanks for reading this, and good luck -- Patrick Timlick
