diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index a1736a1..b7b0d89 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -74,7 +74,7 @@ security_scanner:
   services:
     - docker:dind
   script:
-    - scripts/packer.sh debian-bullseye
+    - scripts/packer.sh debian-bookworm
     - aws --endpoint-url "$AWS_ENDPOINT_URL" s3 cp images/ "s3://$AWS_BUCKET/$CI_COMMIT_REF_SLUG/$CI_JOB_ID/" --recursive --no-progress
   artifacts:
     paths:
diff --git a/Makefile b/Makefile
index b201b6e..413424f 100644
--- a/Makefile
+++ b/Makefile
@@ -22,7 +22,7 @@ qemu_network = 10.2.2.0
 qemu_netmask = 24
 qemu_vm_ip = 10.2.2.10
 qemu_disk = tmp/qemu-disk.img
-qemu_target ?= debian-bullseye
+qemu_target ?= debian-bookworm
 qemu_kernel = $(qemu_target).linux
 qemu_torrent = $(qemu_target).torrent
 qemu_initramfs = $(shell \
@@ -35,7 +35,7 @@ fi \
 ci_environment=$(shell env | sed -n 's/^\(CI_.*\)=.*/-e \1/p')
 
 .PHONY: default
-default: builderimg images/debian-bullseye.squashfs
+default: builderimg images/debian-bookworm.squashfs
 
 .PHONY: clean
 clean:
@@ -60,7 +60,7 @@ images:
 	[ ! -d "$@" ] && mkdir "$@"
 	touch "$@"
 
-images/debian-bullseye.squashfs: images
+images/debian-bookworm.squashfs: images
 	docker run \
 		--rm \
 		-v /var/run/docker.sock:/var/run/docker.sock \
@@ -72,9 +72,9 @@ images/debian-bullseye.squashfs: images
 		$(ci_environment) \
 		"$(DOCKER_IMAGE_BUILDER)" \
 		scripts/packer.sh \
-		debian-bullseye
+		debian-bookworm
 
-images/debian-bullseye.torrent: images
+images/debian-bookworm.torrent: images
 	docker run \
 		--rm \
 		-v "${PWD}:${PWD}" \
@@ -82,7 +82,7 @@ images/debian-bullseye.torrent: images
 		-e "WEBSEED=$(WEBSEED)" \
 		"$(DOCKER_IMAGE_BUILDER)" \
 		scripts/torrent.sh \
-		debian-bullseye
+		debian-bookworm
 
 .PHONY: ansible
 ansible:
@@ -104,24 +104,24 @@ ansible:
 
 # updates the initramfs
 # only used for development
-images/debian-bullseye.initramfs.dev: tmp/initramfs-extracted/debian-bullseye packer/initramfs/labsync
-	cp packer/initramfs/labsync tmp/initramfs-extracted/debian-bullseye/scripts/labsync
-	(cd tmp/initramfs-extracted/debian-bullseye && find . | cpio -H newc -o | gzip > $(CWD)/images/debian-bullseye.initramfs.dev)
+images/debian-bookworm.initramfs.dev: tmp/initramfs-extracted/debian-bookworm packer/initramfs/labsync
+	cp packer/initramfs/labsync tmp/initramfs-extracted/debian-bookworm/scripts/labsync
+	(cd tmp/initramfs-extracted/debian-bookworm && find . | cpio -H newc -o | gzip > $(CWD)/images/debian-bookworm.initramfs.dev)
 
 tmp:
 	[ ! -d "$@" ] && mkdir "$@" || true
 
-tmp/initramfs-extracted/debian-bullseye: images/debian-bullseye.initramfs
-	rm -rf tmp/initramfs-extracted/debian-bullseye
-	mkdir -p tmp/initramfs-extracted/debian-bullseye
-	(cd tmp/initramfs-extracted/debian-bullseye && zcat "$(CWD)/images/debian-bullseye.initramfs" | cpio -i)
-	touch tmp/initramfs-extracted/debian-bullseye
+tmp/initramfs-extracted/debian-bookworm: images/debian-bookworm.initramfs
+	rm -rf tmp/initramfs-extracted/debian-bookworm
+	mkdir -p tmp/initramfs-extracted/debian-bookworm
+	(cd tmp/initramfs-extracted/debian-bookworm && zcat "$(CWD)/images/debian-bookworm.initramfs" | cpio -i)
+	touch tmp/initramfs-extracted/debian-bookworm
 
 $(qemu_disk): tmp
 	qemu-img create "$@" 20G
 
 tmp/netboot.tar.gz: tmp
-	wget -c -O "$@" https://cdn-aws.deb.debian.org/debian/dists/bullseye/main/installer-amd64/current/images/netboot/netboot.tar.gz
+	wget -c -O "$@" https://cdn-aws.deb.debian.org/debian/dists/bookworm/main/installer-amd64/current/images/netboot/netboot.tar.gz
 	touch "$@"
 
 tmp/tftproot: tmp/netboot.tar.gz
diff --git a/packer/ansible/playbook.yml b/packer/ansible/playbook.yml
index 73983eb..8fb1adf 100644
--- a/packer/ansible/playbook.yml
+++ b/packer/ansible/playbook.yml
@@ -94,15 +94,13 @@
         - de
       extensions:
         - uBlock0@raymondhill.net
-        - https-everywhere@eff.org
     debian_sections:
       - main
       - contrib
       - non-free
     debian_mirror: http://ftp.de.debian.org/debian
     hardware:
-      firmware:
-        - firmware-amd-graphics
+      firmware: []
     greeting:
       title: Willkommen im FabLab Bad Windsheim
       content: >
diff --git a/packer/ansible/roles/firefox/files/policies.json b/packer/ansible/roles/firefox/files/policies.json
index 65685f9..46d5317 100644
--- a/packer/ansible/roles/firefox/files/policies.json
+++ b/packer/ansible/roles/firefox/files/policies.json
@@ -19,7 +19,7 @@
     "NoDefaultBookmarks": true,
     "OfferToSaveLogins": true,
     "Homepage": {
-      "URL": "about:blank"
+      "URL": "https://wiki.fablab-nea.de/"
     },
     "OverrideFirstRunPage": "",
     "SearchEngines": {
diff --git a/packer/ansible/roles/fonts/tasks/main.yml b/packer/ansible/roles/fonts/tasks/main.yml
index 2f8f750..6408a58 100644
--- a/packer/ansible/roles/fonts/tasks/main.yml
+++ b/packer/ansible/roles/fonts/tasks/main.yml
@@ -3,5 +3,11 @@
   - import_tasks: google.yml
     tags:
       - fonts:google
+  - name: Install font viewer
+    apt:
+      name:
+        - fontmatrix
+    tags:
+      - fonts:fontmatrix
   tags:
     - fonts
diff --git a/packer/debian-bullseye.yaml b/packer/debian-bookworm.yaml
similarity index 98%
rename from packer/debian-bullseye.yaml
rename to packer/debian-bookworm.yaml
index 0a7285a..8d9d0a5 100644
--- a/packer/debian-bullseye.yaml
+++ b/packer/debian-bookworm.yaml
@@ -20,7 +20,7 @@ variables:
 
 builders:
 - discard: true
-  image: debian:bullseye
+  image: debian:bookworm
   type: docker
   volumes:
     '{{user `images`}}': /tmp/images
@@ -62,7 +62,7 @@ provisioners:
   - cp $(find /boot/ -name 'vmlinuz-*' | sort -V | tail -n 1) '/tmp/images/{{user `linux_file`}}'
   type: shell
 - inline:
-  - apt-get -y install openssh-server python lsb-release
+  - apt-get -y install openssh-server python3 lsb-release
   type: shell
 - playbook_file: ansible/playbook.yml
   type: ansible
diff --git a/security-scanner/Dockerfile b/security-scanner/Dockerfile
index 677e003..10110ad 100644
--- a/security-scanner/Dockerfile
+++ b/security-scanner/Dockerfile
@@ -1,4 +1,4 @@
-FROM debian:bullseye-slim
+FROM debian:bookworm-slim
 
 RUN apt-get update \
 	&& apt-get -y install \
diff --git a/txt.cfg b/txt.cfg
index 1cfc6a4..c61741b 100644
--- a/txt.cfg
+++ b/txt.cfg
@@ -1,7 +1,7 @@
 label labsync
 	menu label ^labsync
-	kernel images/debian-bullseye.linux
-	append initrd=images/debian-bullseye.initramfs.dev boot=labsync labsync_disk=sda labsync_partsize_boot=512 labsync_torrent=http://10.2.2.1/debian-bullseye.torrent quiet vga=792 ip=10.2.2.10:::255.255.255.0:qemu-host:ens3:off labsync_wait=pause
+	kernel images/debian-bookworm.linux
+	append initrd=images/debian-bookworm.initramfs.dev boot=labsync labsync_disk=sda labsync_partsize_boot=512 labsync_torrent=http://10.2.2.1/debian-bookworm.torrent quiet vga=792 ip=10.2.2.10:::255.255.255.0:qemu-host:ens3:off labsync_wait=pause
 
 label install
 	menu label ^Install