Searching finally for 'ppsk' I found this thread and hope that'll help me.
Update: If I followed that information correctly the most recent version of OpenWRT does support this feature. Will look at it…
Update: Seems like https://github.com/openwrt/luci/commit/05af14b25bc0fc2262416dcebf3360b11104198b reverts the needed changes to luci because of https://github.com/openwrt/luci/issues/6902 .
Update: Replacing the wireless.js script with the version from the former MR let me configure dpsk aka ppsk through luci. I ended up with these parameters in /etc/config/wireless:
option device 'radio0'
option mode 'ap'
option ssid 'PPSK_SSID'
option encryption 'psk2'
option ppsk '1'
option auth_server '192.168.1.1'
option dynamic_vlan '2'
option vlan_tagged_interface 'eth0'
option vlan_bridge 'br-vlan'
option auth_port '1812'
option per_sta_vif '1'
option vlan_naming '1'
option auth_secret 'radius_secret'
which is for these settings in luci:
Without luci being able to set these settings they could be edited directly in /etc/config/wireless. If I do not misread this: mode: ['ap', 'ap-wds'], encryption: ['psk', 'psk2', 'psk+psk2', 'psk-mixed'] ppsk should work for modes ap & ap-wds and with encryptions psk, psk2, psk+psk2, psk-mixed.
Even though the settings end up in my (I didn't re-install the full version of wpad after my upgrade, but that is needed to interpret the according hostapd.conf lines)/var/run/hostapd-phy0.conf the SSID does not become active, yet.
Update: This seems to work. I get radius-requests on my radius server and I guess I have to adapt it to answer with the required tunnel-password (which it doesn't at the moment). But my question can be considered solved I guess.