Same here. Just a couple of accesspoints. No cloudkey, controller is a “run every once in a while and upgrade” on my mom’s laptop. Router/switch is a Mikrotik.
I know for a fact it’s possible to configure APs to be “adopted” by a controller living out there on the internet, all they need is an https controller endpoint, and letsencrypt would works fine for https certs and you’re done. You can distribute the controller url over DHCP or better yet DNS in order to make swaps easy. (or you can ssh into APs individually and set the inform url)
When your controller (either local or remote) is down or unreachable, APs can still work fine using their previous config. They can power off/on and will not lose their config.