I would like to restrict a location block to only POST requests. I
think should be able to do this using limit_except, but I am not sure
if I should allow all; or deny all;

location @backends {
passenger_enabled on;
}

location /transfers {
limit_except POST {

}

upload_pass @backends;
upload_store /data/nginx_tmp;
upload_store_access all:r;

Pass these parameters to rails, information about the file.

upload_set_form_field $upload_field_name[filename]
“$upload_file_name”;
upload_set_form_field $upload_field_name[local_path]
“$upload_tmp_path”;

Pass these generated parameters to rails.

upload_aggregate_form_field $upload_field_name[size]
“$upload_file_size”;

Allow the remaning parameters to pass though unmolested.

upload_pass_form_field “^.*$”;
}

This will allow GET to /transfers to go straight to Rails, but POSTs
are run through the upload_module.