diff --git a/flake.nix b/flake.nix
index f9754a8e..ce801591 100644
--- a/flake.nix
+++ b/flake.nix
@@ -121,6 +121,11 @@
             hostname = "Rhizome";
             username = "corey";
           };
+
+          Stroma = mkDarwinHost {
+            hostname = "Stroma";
+            username = "corey";
+          };
         };
 
         deploy = {
diff --git a/hosts/Stroma/default.nix b/hosts/Stroma/default.nix
new file mode 100644
index 00000000..3a33cae5
--- /dev/null
+++ b/hosts/Stroma/default.nix
@@ -0,0 +1,18 @@
+{
+  config,
+  pkgs,
+  ...
+}: {
+  imports = [
+    ./dock.nix
+    ./hardware.nix
+    ./programs.nix
+  ];
+
+  rc.darwin.defaults = {
+    fonts = true;
+    homebrew = true;
+    security = true;
+    system = true;
+  };
+}
diff --git a/hosts/Stroma/dock.nix b/hosts/Stroma/dock.nix
new file mode 100644
index 00000000..fb422dab
--- /dev/null
+++ b/hosts/Stroma/dock.nix
@@ -0,0 +1,25 @@
+{
+  config,
+  pkgs,
+  ...
+}: {
+  system.defaults.dock = {
+    tilesize = 42;
+    largesize = 86;
+    persistent-apps = [
+      "/System/Volumes/Preboot/Cryptexes/App/System/Applications/Safari.app"
+      "/System/Applications/Mail.app"
+      "/Applications/Zed.app"
+      "/Applications/rootshell.app"
+      "/Applications/Reeder.app"
+      "/Applications/Roon.app"
+      "/System/Applications/Calendar.app"
+      "/System/Applications/Reminders.app"
+      "/System/Applications/Notes.app"
+      "/Applications/Things3.app"
+      "/Applications/Craft.app"
+      "/System/Applications/Messages.app"
+      "/Applications/Slack.app"
+    ];
+  };
+}
diff --git a/hosts/Stroma/hardware.nix b/hosts/Stroma/hardware.nix
new file mode 100644
index 00000000..bddc6b2e
--- /dev/null
+++ b/hosts/Stroma/hardware.nix
@@ -0,0 +1,13 @@
+{
+  config,
+  pkgs,
+  ...
+}: {
+  users.users.corey = {
+    home = "/Users/corey";
+  };
+  system.primaryUser = "corey";
+
+  system.stateVersion = 5;
+  nixpkgs.hostPlatform = "aarch64-darwin";
+}
diff --git a/hosts/Stroma/key.pub b/hosts/Stroma/key.pub
new file mode 100644
index 00000000..95a9c9e9
--- /dev/null
+++ b/hosts/Stroma/key.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDvLok8cBNJHzqbb4s9OtKloGv+f731ZirQVp+U7EHPK
diff --git a/hosts/Stroma/programs.nix b/hosts/Stroma/programs.nix
new file mode 100644
index 00000000..f3b07334
--- /dev/null
+++ b/hosts/Stroma/programs.nix
@@ -0,0 +1,77 @@
+{
+  config,
+  pkgs,
+  ...
+}: {
+  environment.systemPackages = with pkgs; [
+    m-cli
+    mas
+    the-unarchiver
+  ];
+
+  homebrew = {
+    enable = true;
+    # N.B.: Removed entries in `masApps` require manual uninstallation
+    masApps = {
+      "Folder Quick Look" = 6753110395;
+      "GoodLinks" = 1474335294;
+      "Hand Mirror" = 1502839586;
+      "Infuse" = 1136220934;
+      "Mapper" = 1589391989;
+      "Mela" = 1568924476;
+      "Noir" = 1592917505;
+      "Paku" = 1534130193;
+      "Parcel" = 375589283;
+      "Pixea" = 1507782672;
+      "Play" = 1596506190;
+      "Reeder" = 1529448980;
+      "Timery" = 1425368544;
+      "Things" = 904280696;
+    };
+  };
+
+  programs.craft = {
+    enable = true;
+  };
+
+  programs.daisydisk = {
+    enable = true;
+  };
+
+  programs.fastscripts = {
+    enable = true;
+    startOnActivation = true;
+  };
+  rc.darwin.defaults.fastscripts = true;
+
+  programs.iina = {
+    enable = true;
+  };
+
+  programs.little-snitch = {
+    enable = true;
+  };
+
+  programs.popclip = {
+    enable = true;
+    startOnActivation = true;
+  };
+
+  programs.postico = {
+    enable = true;
+  };
+
+  programs.roon = {
+    enable = true;
+  };
+
+  programs.scroll-reverser = {
+    enable = true;
+    startOnActivation = true;
+  };
+
+  programs.soundsource = {
+    enable = true;
+    startOnActivation = true;
+  };
+}
diff --git a/lib/keys.nix b/lib/keys.nix
index 2ebbd147..657ed7f7 100644
--- a/lib/keys.nix
+++ b/lib/keys.nix
@@ -10,6 +10,7 @@ let
       "glyph"
       "Rhizome"
       "spore"
+      "Stroma"
       "zeta"
     ];
 in
diff --git a/modules/darwin/rc.nix b/modules/darwin/rc.nix
index 872b5f21..337f856a 100644
--- a/modules/darwin/rc.nix
+++ b/modules/darwin/rc.nix
@@ -25,7 +25,6 @@ in {
     ];
 
     homebrew = mkIf cfg.homebrew {
-      caskArgs.no_quarantine = true;
       onActivation = {
         cleanup = "zap";
         upgrade = true;
diff --git a/modules/nixos/ssh.nix b/modules/nixos/ssh.nix
index ed2f7e7d..dac23282 100644
--- a/modules/nixos/ssh.nix
+++ b/modules/nixos/ssh.nix
@@ -15,6 +15,7 @@
   users.users.mu.openssh.authorizedKeys.keys = [
     keys.Rhizome
     keys.glyph
+    keys.Stroma
   ];
 
   security.pam.sshAgentAuth.authorizedKeysFiles = lib.mkForce ["/etc/ssh/authorized_keys.d/%u"];