diff --git a/README.md b/README.md
index a59b0f3..1679393 100644
--- a/README.md
+++ b/README.md
@@ -2,16 +2,44 @@
 
 ## Getting Started
 
+#### Running the sandbox UI
+
 1. fork
-2. clone recursively
-3. run `./vendor/build.sh`
-4. download `DB5LITEBIN` from https://lite.ip2location.com/file-download
-5. unzip `IP2LOCATION-LITE-DB5.BIN.ZIP` into `./vendor/`
-6. run `yarn install`
-7. patch broken wrtc module (https://github.com/zeit/pkg/issues/364#issuecomment-443608978)
-8. start super node with `npm run server`
-9. start ui dev server with `npm start`
-10. start permissive chrome instance with `/usr/bin/google-chrome http://localhost:3000 --user-data-dir=/tmp --unsafely-treat-insecure-origin-as-secure=http://localhost:3000 --allow-running-insecure-content`
+2. clone recursively 
+    ```
+    git clone --recursive https://github.com/slugalisk/player.git
+    ```
+3. install the js dependencies 
+    ```
+    yarn install
+    ```
+4. patch wrtc module (https://github.com/zeit/pkg/issues/364#issuecomment-443608978)
+5. start ui dev server with 
+    ```
+    npm start
+    ```
+
+this is enough to run the sandbox ui. chrome doesn't permit access to the web crypto apis in insecure contexts. on linux you can circumvent this with:
+
+```
+$ /usr/bin/google-chrome http://localhost:3000/test --user-data-dir=/tmp --unsafely-treat-insecure-origin-as-secure=http://localhost:3000 --allow-running-insecure-content`
+```
+
+on windows create a shortcut with the target
+
+```
+"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --user-data-dir=%USERPROFILE%\AppData\Temp\TestChromeData --unsafely-treat-insecure-origin-as-secure=http://localhost:3000 --allow-running-insecure-content
+```
+
+#### Running the ingest server
+
+6. build nginx with nginx-rtmp-module
+   ```
+   ./vendor/build.sh
+   ```
+7. download `DB5LITEBIN` from https://lite.ip2location.com/file-download
+8. unzip `IP2LOCATION-LITE-DB5.BIN.ZIP` into `./vendor/`
+9. start super node with `npm run server`
 
 ## Sources