Изначально планировал бекендом создавать файл-маркер с уникальным именем и в качестве action'а формы отправки отдавать браузеру, затем, в идеале, в момент начала приема post'а с файлом nginx'ом удалять файл-маркер, и затем nginx отдает форму без тела принятого файла бекэнду.

Сейчас уперся в:
если файл /file_receiver/secret-marker-file-one.html есть, принимает, нормально, передает бекэнду, если файла /file_receiver/secret-marker-file-one.html нет, не передает, но post запрос все равно принимает весь полностью.
в идеале отработка if (!-f $request_filename) { return 444; } после приема формы запроса и до приема части с файлом, если такое вообще возможно.
вот конфиг:


daemon off;
worker_processes 1;


error_log /dev/stdout debug buffer=0;
#error_log file [ debug | info | notice | warn | error | crit ]
#pid logs/nginx.pid;




http {
include mime.types;
default_type application/octet-stream;
log_format main \n '$uri $body_bytes_sent > > > $remote_addr - $remote_user [$time_local] "$request" '
'$status "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"' \n;


access_log /dev/stdout main buffer=0;


sendfile on;
#tcp_nopush on;

#keepalive_timeout 0;
keepalive_timeout 65;
tcp_nodelay on;



gzip on;
gzip_min_length 700; #1100
gzip_buffers 4 8k;
#gzip_http_version 1.0;
gzip_comp_level 7;
gzip_proxied any;
gzip_types text/plain text/html text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript;


upload_progress proxied 1m; # 1mb mem reserved

server {


root /home/user/WWW/NGINX/html;


#listen 127.0.0.1 default;
server_name localhost;
client_max_body_size 100m;

#root /usr/local/nginx/html;
uninitialized_variable_warn on;


location ^~ /progress {
# report uploads tracked in the 'proxied' zone
report_uploads proxied;
}



location /uploaded_files/ {
proxy_pass http://127.0.0.1:3000;
break;
}


location ~* /file_receiver/(secret-marker-file-one|secret-marker-file-two|secret-marker-file-three).html {




if ($request_method != POST ) {
return 444;
}

if (!-f $request_filename) {
return 444;
#break;
}


limit_rate 1k;
#set $limit_rate 1000;
# proxy to upstream server


upload_store /home/user/WWW/UPLOADS;
upload_store_access user:rw;


#upload_set_form_field $upload_field_name.name "$upload_file_name";
upload_set_form_field uploaded_file[filename] "$upload_file_name";

#upload_set_form_field $upload_field_name.content_type "$upload_content_type";
upload_set_form_field uploaded_file-type- "$upload_content_type";

#upload_set_form_field $upload_field_name.path "$upload_tmp_path";
upload_set_form_field uploaded_file-file- "$upload_tmp_path";

#upload_aggregate_form_field $upload_field_name.size "$upload_file_size";
upload_aggregate_form_field uploaded_file-size- "$upload_file_size";


#upload_pass_form_field "^submit$|^description$|^file1$|^file2$|^file";
#upload_pass_form_field "MAX_FILE_SIZE";
#upload_pass_form_field "file";

upload_limit_rate 10k;
#upload_pass_args on;

#upload_cleanup 400 404 499 500-505;


upload_pass @backend;


# track uploads in the 'proxied' zone
# uploads expires 30s after they finish.
track_uploads proxied 30s;
}

location @backend {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
#proxy_redirect false;
proxy_pass http://127.0.0.1:3000;
}

location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
#proxy_redirect false;
proxy_pass http://localhost:3000/;
}


}

}