Secure Docker SSL Bolt Config on Synology?

Hi all

Learner here. The goal is to set up a secure neo4j DB on a Synology NAS (via Docker) to be able to query and load datasets, e.g. import CSVs as graphs, then query those nodes, etc.

Getting stuck at configuring and running my docker neo4j image.

The first step is to set up a neo4j DB on Docker on my NAS and then ensure it's secure by blocking HTTP, setting up SSL and Bolt, etc.

Found this security checklist to follow: https://neo4j.com/docs/operations-manual/current/security/checklist/ and this doc on SSL - https://neo4j.com/docs/operations-manual/current/security/ssl-framework/

Thus far I've:

  1. got a neo4j enterprise license
  2. read 'How-To: Run Neo4j in Docker' https://neo4j.com/developer/docker-run-neo4j/
  3. SSH'd to my Synology NAS runtime and created a 'neo4j:2.3-enterprise' image blocking HTTP but allowing bolt and SSL.

But it returns this error:

docker: Error response from daemon: Bind mount failed: '/var/services/homes/rise/neo4j/plugins' does not exists.

Any ideas why, and how to resolve it / get the image set up securely and running the DB so that I can query it?

Full Query:

...:/$ sudo docker run \
>     --name nBank \
>     -p7687:7687 \
>     -p7473:7473 \
>     -d \
>     -v $HOME/neo4j/data:/data \
>     -v $HOME/neo4j/logs:/logs \
>     -v $HOME/neo4j/import:/var/lib/neo4j/import \
>     -v $HOME/neo4j/plugins:/plugins \
>     --env NEO4J_AUTH=neo4j/test \
>     neo4j:enterprise
3c03e1f461d0cb28440ed160537c4c64eec96935c7215401929095231db4b215
docker: Error response from daemon: Bind mount failed: '/var/services/homes/rise/neo4j/data' does not exists.

Despite the error, when I do '/$ sudo docker ps -a' I can see that the image is created.

:/$ sudo docker ps -a
CONTAINER ID        IMAGE                                            COMMAND                  CREATED              STATUS                   PORTS                                                                NAMES
3c03e1f461d0        neo4j:enterprise                                 "/sbin/tini -g -- /d…"   About a minute ago   Created                  0.0.0.0:7473->7473/tcp, 0.0.0.0:7687->7687/tcp, 7474/tcp             nBank

Does anyone know how to:
A) configure a neo4j DB on Docker on the machine to be enterprise secure so that it's only accessed by me? ... Am I on the right track here?
i.e. is there a docker template neo4j.config or other that I can use when launching the docker container to run my DB as securely as possible? i.e. closes off HTTP, only enables SSL or Bolt connections, etc.? Currently I'm trying to achieve a decent image setup using the -env tag on the script above.

B) run Cypher queries via CypherShell or Neo4j Browser so I can start importing data like CSVs?
Have tried to bash into the image but am getting an error:

:/$ docker exec -it nbank bash
Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.39/containers/nbank/json: dial unix /var/run/docker.sock: connect: permission denied

Thanks so much
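
The "Bind mount failed ... does not exists" error in the post names the host side of a `-v` mount. As an added example (not part of the original post), here is a pre-flight check that walks a `docker run` argument list, reports every absolute host path that is missing, and can create those paths before the container is started. The function names `missing_bind_sources` and `ensure_bind_sources` are hypothetical, and it assumes mounts are passed as `-v HOST:CONTAINER` or `--volume HOST:CONTAINER`, as in the command above.

```shell
#!/bin/sh
# Added example: pre-flight check for bind-mount sources.
# Function names are hypothetical; only "-v X" and "--volume X" forms are parsed.

# missing_bind_sources ARGS...
# For each -v/--volume whose host part is an absolute path, print that path
# if it does not exist on the host. Returns 1 if anything is missing.
missing_bind_sources() {
    missing=0
    while [ $# -gt 0 ]; do
        case $1 in
            -v|--volume)
                [ $# -ge 2 ] || break
                host=${2%%:*}          # text before the first ':' is the host side
                shift
                case $host in
                    /*) if [ ! -e "$host" ]; then
                            printf '%s\n' "$host"
                            missing=1
                        fi ;;
                    # anything else is a named volume, not a host path: skip it
                esac
                ;;
        esac
        shift
    done
    return $missing
}

# ensure_bind_sources ARGS...
# Create every missing host directory, then re-check; returns 0 only when
# all bind-mount sources exist.
ensure_bind_sources() {
    { missing_bind_sources "$@" || true; } | while IFS= read -r dir; do
        mkdir -p "$dir" && echo "created $dir" >&2
    done
    missing_bind_sources "$@" >/dev/null
}

# Usage with the mounts from the post, run before `docker run`:
#   ensure_bind_sources -v "$HOME/neo4j/data:/data" -v "$HOME/neo4j/logs:/logs" \
#       -v "$HOME/neo4j/import:/var/lib/neo4j/import" -v "$HOME/neo4j/plugins:/plugins"
```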