diff --git a/services/bazarr.nix b/services/bazarr.nix
index cff6430..84715cb 100644
--- a/services/bazarr.nix
+++ b/services/bazarr.nix
@@ -11,6 +11,9 @@
 user = "bazarr";
 group = "media";
 };
+
+ # Ensure subtitles written by bazarr are group-writable
+ systemd.services.bazarr.serviceConfig.UMask = "0002";
 users.users.bazarr = {
 isSystemUser = true;
diff --git a/services/jellyfin.nix b/services/jellyfin.nix
index 2693349..d2488c4 100644
--- a/services/jellyfin.nix
+++ b/services/jellyfin.nix
@@ -7,7 +7,10 @@
 enable = true;
 openFirewall = true;
 };
-
+
+ # Ensure Jellyfin can write thumbnails/artwork to media directories
+ systemd.services.jellyfin.serviceConfig.UMask = "0002";
+
 users.users.jellyfin.extraGroups = [ "media" "video" "render" ];
 };
 }
diff --git a/services/qbittorrent-nox.nix b/services/qbittorrent-nox.nix
index 4674757..006f8e0 100644
--- a/services/qbittorrent-nox.nix
+++ b/services/qbittorrent-nox.nix
@@ -43,7 +43,8 @@
 Group = "media";
 ExecStart = "${pkgs.qbittorrent-nox}/bin/qbittorrent-nox --confirm-legal-notice";
 Restart = "on-failure";
-
+ UMask = "0002";
+
 # Security hardening - FIXED
 NoNewPrivileges = true;
 PrivateTmp = true;
diff --git a/services/radarr.nix b/services/radarr.nix
index 4fb6ce2..944e33b 100644
--- a/services/radarr.nix
+++ b/services/radarr.nix
@@ -11,6 +11,9 @@
 user = "radarr";
 group = "media";
 };
+
+ # Ensure files created by radarr are group-writable
+ systemd.services.radarr.serviceConfig.UMask = "0002";
 # Media group is already created in qbittorrent-nox.nix
 # Just make sure radarr is in it
@@ -23,8 +26,8 @@
 # Set up directory structure with proper permissions
 systemd.tmpfiles.rules = [
 # Media folders - radarr writes here
- "d /mnt/storage/torrents/movies 0775 radarr media -"
- "Z /mnt/storage/torrents/movies 0775 radarr media -"
+ "d /mnt/storage/torrents/movies 2775 radarr media -"
+ "Z /mnt/storage/torrents/movies 2775 radarr media -"
 ];
 };
 }
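Review bot: The new `UMask = "0002"` is process-wide, so it covers everything bazarr creates, including its own config and database under its data directory, not only the subtitles the comment names; every other member of `media` (each service touched by this commit) can then modify those files, which widens the blast radius of one compromised service to its siblings. The same applies to the jellyfin, qbittorrent-nox, radarr and sonarr hunks. How much this matters depends on the mode of each state directory, which is outside these hunks. If only the media tree needs to be group-writable, a narrower fix is to keep the default umask and put a default ACL on the media tree (a tmpfiles `a+`/`A+` rule) on top of the setgid directory; otherwise at least record the tradeoff next to the line: `# NOTE: 0002 also makes bazarr's own config/db group-writable by "media"`. The enclosing attribute set starts and ends outside the hunk.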
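Review bot: The umask only yields group-writable files where the target directory already grants group write and passes group `media` on via setgid; in this commit only radarr's `/mnt/storage/torrents/movies` is switched to `2775`, so Jellyfin's artwork writes into other library directories still depend on their existing mode, which is not visible here. Files Jellyfin creates in a directory without setgid get its primary group rather than `media`, and `0002` then only widens access for that group. Consider adding the corresponding `2775` tmpfiles rules (or a default ACL) for the library paths Jellyfin is expected to write to, or extend the comment so the umask is not mistaken for the whole setup: `# Only effective in directories that are setgid "media" (see the tmpfiles rules)`. The `-`/`+` blank-line pair in this hunk is a no-op whitespace change.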
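Review bot: `UMask = "0002";` is the only one of the five new umask lines without a rationale comment, and it sits directly above `# Security hardening - FIXED`, so a reader may take it for part of the hardening rather than a deliberate loosening. Add a one-line reason above it, e.g. `# Downloads must be group-writable so the *arr services can rename/hard-link them` (adjust to the real intent), and keep the blank line between it and the hardening block. The serviceConfig block and the hardening directives continue outside the hunk.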
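Review bot: The `Z` rule recurses into regular files, so `2775` sets the setgid bit (on top of the execute bits `0775` already set) on every movie file, not only on directories; setgid on a group-executable regular file is a setgid-on-exec flag, which hardening scanners flag and which is never wanted on media. Per tmpfiles.d(5) the `~` prefix masks the mode against the existing one, dropping execute bits from files that had none and, as far as I recall, the special bits on non-directories, so `"Z /mnt/storage/torrents/movies ~2775 radarr media -"` keeps setgid on the directories only (the `d` line is fine as is). Note that `Z` re-chmods the whole tree on every tmpfiles run, which was already the case before this change. The rules list and the enclosing attribute set both close within the hunk.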
diff --git a/services/sonarr.nix b/services/sonarr.nix
index bfa732e..f2b560a 100644
--- a/services/sonarr.nix
+++ b/services/sonarr.nix
@@ -11,6 +11,9 @@
 user = "sonarr";
 group = "media";
 };
+
+ # Ensure files created by sonarr are group-writable
+ systemd.services.sonarr.serviceConfig.UMask = "0002";
 # Media group is already created in qbittorrent-nox.nix
 # Just make sure sonarr is in it