To answer your latest question why the /login mutation was not working, that login procedure is available when you enable acl (in your example, I don’t see the --acl flag being set). I suggest that you spend time reading this page thoroughly: Access Control Lists - Enterprise features
Maybe get your cluster up and running without acls, etc. Then start adding in these features. Maybe turn on verbose logging which might reveal some problems. The code has several places where ACL-enabled clusters are started and tested (using Docker Compose). Maybe go through those to see where you might be misconfiguring.
I’d also like to point out that I, along with many others in these forums, volunteer my time here.