Cannot run lircd as a service - permission denied creationg PID and socket

I’m trying to auto-start lirc for use with Kodi. I think I figured out the proper Nix way to do this, but I’m getting an unexpected error. First, here’s my config:

  services.lirc.enable = true;
  services.lirc.configs = [
    (builtins.readFile ./files/mce-inteset.conf)
  services.lirc.options = ''
    driver = default
    device = /dev/lirc0
    pidfile = /var/run/
    nodaemon = False
    immediate-init = True

Please check my syntax - I’m not 100% sure I did that correctly, but it seems to configure everything correctly.

Upon reboot I get a new lircd.socket service. However, when trying to use it I get this (via journalctl):

May 26 23:35:30 htpc systemd[1]: Starting LIRC daemon socket...
May 26 23:35:30 htpc systemd[1]: Listening on LIRC daemon socket.
May 26 23:36:29 htpc systemd[1]: lircd.socket: Failed with result 'service-start-limit-hit'

Upon investigating syslog I find this:

2024-05-26T23:51:21.544845-05:00 htpc lircd-0.10.2[2049]: Info: Initial device: /dev/lirc0
2024-05-26T23:51:21.544868-05:00 htpc lircd-0.10.2[2049]: Warning: Cannot access device: /dev/lirc0
2024-05-26T23:51:21.545042-05:00 htpc lircd[2049]: can't open or create /var/run/ Permission denied

It does that repeatedly, which is probably what’s causing that systemd message.

So… why can’t it create the socket or PID file? I’m guessing the process must be starting up as a non-root user, but I don’t have anything like that defined. Maybe some built-in logic by whatever creates the nix service?

How can I override / fix that?

I worked around this for now by giving my kodi user sudo rights to run lircd and kicking it off via an autostart script on login. Gets the job done so I can start using it, but very interested in any suggestions to do this the “right” way.