diff --git a/deploy/truenas/core/README.md b/deploy/truenas/core/README.md
index e79ff6f..d012d2e 100644
--- a/deploy/truenas/core/README.md
+++ b/deploy/truenas/core/README.md
@@ -55,7 +55,45 @@ docker compose logs -f
 You should see Core come up logging all configured listeners, including
 a line from the WebRTC component confirming the subsystem is enabled.
 
-## Smoke-test via API
+The first build takes ~5 minutes — it compiles Core from source AND
+builds the React UI bundle. Subsequent rebuilds are faster (Docker
+layer cache).
+
+## GUI surfaces
+
+Once the stack is up, three browser-reachable UIs ship out of the box:
+
+| URL | What it is |
+| --- | --- |
+| `http://<host>:8080/` | The full Restreamer UI (rebranded "Wild Dragon"). Manage processes, configure ingests, set up RTMP/SRT/HLS outputs, view logs. The standard Datarhei admin experience. |
+| `http://<host>:8080/wilddragon-webrtc.html` | Wild Dragon WebRTC admin. Sign in, pick a process, click "Enable WebRTC". The page restarts the process so the new RTP output legs go live, then surfaces the WHEP URL with a one-click jump to the smoke player. **The fastest path from "I want WebRTC on this stream" to "the smoke player is rendering it."** |
+| `http://<host>:8080/whep-player.html` | Standalone WHEP subscriber (the smoke player). ICE / codec / bitrate diagnostics, JWT input, shareable URLs. Use to verify WebRTC actually works after enabling it. |
+| `http://<host>:8080/api/swagger/index.html` | Swagger API docs. Same auth. Hit the WHEP endpoints directly when scripting. |
+
+The Restreamer UI doesn't (yet) have a WebRTC checkbox in its process editor —
+that's why the standalone admin page exists. A proper UI fork that adds
+WebRTC controls inline is tracked in issue #15.
+
+## End-to-end smoke test
+
+```
+1. Open http://<host>:8080/  (Restreamer UI). Sign in with admin / <API_AUTH_PASSWORD>.
+2. Create a new "Source" with type RTMP. Note the RTMP push URL it shows.
+3. Push your test source to that URL (OBS, ffmpeg, etc.). Confirm it
+   shows "running" in the UI.
+4. Open http://<host>:8080/wilddragon-webrtc.html. Sign in with the same creds.
+5. Click "Enable WebRTC" on the process you just created.
+6. Click the "open ↗" link next to the WHEP URL to load the smoke player.
+7. Click "Subscribe" in the smoke player. Within ~1s you should see your
+   RTMP source rendering as WebRTC.
+```
+
+If step 7 hangs, the most common cause is `PUBLIC_IP` in `.env` not
+matching what the browser can actually reach (host firewall, wrong
+LAN IP, etc.). Check the WHEP smoke player's log panel — it'll
+surface the ICE state transitions.
+
+## Smoke-test via API directly
 
 ```
 # Issue a JWT against the admin creds from .env:
@@ -100,3 +138,7 @@ docker compose down
   This matches how the upstream datarhei/core image ships.
 - Put Caddy or nginx in front for TLS. The media itself is
   DTLS-SRTP-encrypted regardless.
+- The Wild Dragon WebRTC admin page (`/wilddragon-webrtc.html`) talks to
+  the same JWT-protected API. The token is held in `localStorage` and
+  cleared when you click "Sign out". If you've configured Core's API
+  to require auth — which you should — this page is gated by it.