Nginx strapi increase upload body size for /upload/

Question

I've got a problem here with nginx 1.27.0 and strapi 4.25.0. I don't think this is a strapi problem but rather an nginx one, I just mentioned it for completeness.

Whenever I'm trying to upload a file that's larger than the standard filesize limit, nginx won't upload it. There is the option to set client_max_body_size in global nginx settings, but according to the internet this should be avoided due to potentially being used in DDOS Attacks. So I was trying to set this specifically for the url strapi uses for uploading stuff, which should be /upload. So this is my current setup:

server {
    # Listen HTTP
    listen 80;
    server_name myapi.tld;
    access_log /var/log/nginx/myapi/myapi.log;
    error_log /var/log/nginx/myapi/myapi.error.log;

    # Redirect HTTP to HTTPS
    return 301 https://$host$request_uri;
}

server {
    # Listen HTTPS
    listen 443 ssl;
    server_name myapi.tld;
    
    ssl_certificate path_to_cert;
    ssl_certificate_key path_to_key;
    include /etc/letsencrypt/options-ssl-nginx.conf;

    # Proxy Config
    location / {
        proxy_pass http://localhost:PORT;
        proxy_http_version 1.1;
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Forwarded-Server $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header Host $http_host;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "Upgrade";
        proxy_pass_request_headers on;
    }
}

now if I read it correctly, since strapi POSTS uploads to /upload shouldn't I, in theory be able to do something like this:?

server {
  listen 443 ssl;
  ...

  location /upload {
    client_max_body_size: 200m;
  }
  
  location / {
    proxy_pass...
    proxy_http_version....
    ...
  }

}

This doesn't work however as it breaks my strapi backend. Is there any other way on how to allow POSTing of larger bodies to /upload?

Currently my nginx error log is throwing this exception:

2024/06/16 20:08:55 [error] 1141535#1141535: *1 client intended to send too large body: 2194403 bytes, client: 46.5.3.1, server: api.myapi.tld, request: "POST /upload HTTP/2.0", host: "myapi.tld", referrer: "https://myapi.tld/admin/content-manager/collection-types/api::image-gallery.image-gallery/11"

Any help would be appreciated.

Greetz

Answer 1

server {
    # Listen HTTP
    listen 80;
    server_name myapi.tld;
    access_log /var/log/nginx/myapi/myapi.log;
    error_log /var/log/nginx/myapi/myapi.error.log;

    # Redirect HTTP to HTTPS
    return 301 https://$host$request_uri;
}

server {
    # Listen HTTPS
    listen 443 ssl;
    server_name myapi.tld;
    
    ssl_certificate path_to_cert;
    ssl_certificate_key path_to_key;
    include /etc/letsencrypt/options-ssl-nginx.conf;

    # Proxy Config for /upload
    location /upload {
        client_max_body_size 200m;
        proxy_pass http://localhost:PORT;
        proxy_http_version 1.1;
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Forwarded-Server $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header Host $http_host;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "Upgrade";
        proxy_pass_request_headers on;
    }

    # Proxy Config for all other requests
    location / {
        proxy_pass http://localhost:PORT;
        proxy_http_version 1.1;
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Forwarded-Server $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header Host $http_host;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "Upgrade";
        proxy_pass_request_headers on;
    }
}