Sonarr sends the request for the episode or season pack to NZBGet
NZBGet downloads into .../NZBGet/incomplete
once the download finishes it moves the files to .../NZBGet/complete
Apologies for my ignorance here, but are tags then used to move the files again to .../NZBGet/complete/tv, /films, /music, etc.?
if .rar extensions are found it extracts them
When NZBGet extracts, does it extract the file(s) to, for example, .../tv/Breeders.S01E03.1080p.AMZN.WEB-DL, or to .../tv/Breeders?
If the latter, is this something you have specifically set up? If so, you’d need to undo this so it uses the former and let Sonarr do the organising, because NZBGet is feeding Sonarr the location of the .rar files.
Or have I misunderstood, and it’s actually creating copies to both locations? Or have I really misunderstood?
in regards to permissions you set the host path to be owned by the PUID/PGID of the account you are using across all your “media” containers and give it full rights to that folder and all subfolders. if you do that then you shouldnt have any access issues at all, and you shouldnt need sonarr to change permissions.
if youre using different PUIDs for each container then make sure all of them are in the PGID group so they have full control
you may want to use this command to connect to the container and check the volume mappings exist, the path is there, and that you have access; docker exec -it YOUR_CONTAINER_NAME_GOES_HERE bash
ie typically you create a user id on the host, add it to a group, then get the IDs for both and set them for the container
the linuxserver containers typically run as user abc and group abc, and the bootup process resets their IDs to the PUID and PGID you set on the container, this effectively makes them the same IDs inside and outside which is how docker security works (the container IDs line up with the host IDs making them the same users and groups from a host security/access perspective)
from the looks of one of your previous posts the actual IDs are 1000/1000 so if 999 isnt a valid user on your host, and 1000 is, then you need to change the container to use 1000, then delete and re-create the container (not the container setup/config) so it picks up that change
note - the ownership there might be for docker, not the underlying volumes. you need to note down all the host paths mapped into each container and ensure that (for example) user 1000 is the owner (so has full control), and group 1000 also has full control (including to subfolders), so for asustor youd use the adm file explorer, or SSH in and use *nix commands