NENVEST

Stripe payment bot + Telegram-native admin

Subscription platform for the closed Capitalist Invest / Rynochok investment community

👤 Solo full-stack🌍 SubTech / Wealth-tech✅ ProductionDemo on request

Context

Capitalist Invest / Rynochok — a closed paid-subscription investment community: daily market analytics, weekly research reports, 8 themed channels (stocks, bonds, volatility, crypto, macro, commodity, research, portfolio), live chat. 500+ members, partnership with the «Ostannii Kapitalist» media.

I built two systems that work together: Stripe Payment Bot — a Telegram frontend for paying subscriptions (the only point of user interaction), and Admin Panel — Telegram-native admin for the team (promo, pricing, broadcasts, migrations).

My role: solo full-stack — from architecture to production. Stripe bot, Telegram-native admin, webhook pipeline, operational dashboard in Google Sheets, Docker deploy and Cloudflare Tunnels. Before this I ran a digital community of around 1000 people — manually doing broadcasts, customer support, repeat payments, adding and removing members. That knowledge and experience let me build a comprehensive platform for automatic membership management.

What came out of it

Two systems that work together: Stripe bot for users and admin panel for the team.

Subscribe via Telegram bot: user picks a tier → pays → joins the closed chat and channel
Cancel / resume subscription right in Telegram, automatic removal on overdue
Telegram admin panel: promo codes, price changes, subscription migrations on tier change
Smart broadcasts: filters by tier and status, test mode with preview before sending, HTML formatting, delivery report
Channels: Telegram + Email
Subscription state in Google Sheets with formulas — status, dates, actions are computed automatically, the CEO sees the picture at a glance without SQL

// system

Architecture

2 separate services

user-facing + team-facing

01 — user-facing

Stripe Payment Bot

live

User (Telegram)

/subscribe · /cancel · /status

command

Stripe Payment Link

+ metadata: telegram_id, product_id

Webhook Receiver

Flask · :3001 · idempotent (event.json)

Schedulers

warning · delete

Event Transmitter

routing per event type

Bot Notifier

success · failed · expiring

Stripe

DUAL accounts

Google Sheets

state machine

Closed Chat

invite / kick

02 — team-facing

Admin Panel

live

Admin / team

whitelist Telegram-ID

inline keyboard

Cloudflare Tunnel

no public IP needed

Admin Bot

Flask · :3003 · 7-step state machine

JSON store

atomic writes

Promo

CRUD

Pricing

change · sync

Mass-sender

filter · test · send

Migration

2-step pipeline

Stripe API

subs · prices

Google Sheets

read-only sync

Bot API

broadcast

production

Technical details

Structure, infrastructure and development processes.

Stripe-domain depth

Full subscription lifecycle: Payment Links with metadata-routing, Subscription Schedules for price migrations without harm to active subs, webhook idempotency with a 30-day TTL event registry (protection against retries and double charges), failed-payment escalation with retry logic.

Reliability & atomicity

Atomic 3-stage webhook event processing: ack is committed ONLY after success of all steps. Mutex-protected JSON storage with atomic writes (tempfile → rename) instead of a separate DB — justified by team size, runs for a year without incidents.

Multi-process orchestration

Parallel async processes (bot, webhook receiver, API server, Telegram monitor, warning/delete checkers) under tmux, with separate logs. Coordination via Stripe events + shared Sheets — no orchestrator like Celery or Kubernetes.

CI/CD + observability

GitLab pipelines: lint → tests (Pytest with mocked Stripe via recorded fixtures) → build → deploy. Daily log rotation, structured logs per process. Cloudflare Tunnel for webhook ingress without a public IP.

Pragmatic architecture

JSON files instead of a DB, Google Sheets instead of a separate dashboard, in-memory FSM with atomic snapshots instead of Redis. Each decision is justified by team size and volume — no overkill, max maintainability.

Hot-reload & zero-downtime

Configs (tiers, whitelist, promo) are re-read via mtime-tracking — change without restarting the bot. Rolling deploy via Docker: a new container comes up alongside, traffic switches, the old one stops — zero disruption to active payments.

Tech stack

Backend / runtime

Python 3.11+Flask 3.1pyTelegramBotAPI 4.27python-telegram-bot 22Telethon 1.24asynciomulti-process orchestration

Payments

Stripe 12.2dual-account orchestrationSubscription SchedulesPayment Linkswebhook idempotency

Persistence / data

JSON files (atomic writes)Google Sheets (gspread 6.2).env confighot-reloadable configs

Integrations

Telegram Bot APIStripe APIGoogle Sheets APIEmail (SMTP)

Infrastructure

DockerCloudflare Tunnelsshell-orchestrationdaily log rotationEurope/Kyiv TZ

What's next?

This is one of my cases. The rest is on the home page.

Back to home See other cases